ez1credit.com Open in urlscan Pro
72.32.109.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ez1credit.com/
Submission: On June 08 via automatic, source certstream-suspicious (June 8th 2023, 4:10:15 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 72.32.109.3, located in United States and belongs to RMH-14, US. The main domain is ez1credit.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 8th 2023. Valid for: a year.

This is the only time ez1credit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	72.32.109.3 72.32.109.3	33070 (RMH-14) (RMH-14)
2 8	72.3.235.2 72.3.235.2	33070 (RMH-14) (RMH-14)
9	2

3 72.32.109.3 (United States)

ASN33070 (RMH-14, US)

ez1credit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 72.3.235.2 (United States) 2 redirects

ASN33070 (RMH-14, US)
PTR: james.smithsonianmagazine.com

expresslandingpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	expresslandingpages.com 2 redirects expresslandingpages.com	83 KB
3	ez1credit.com ez1credit.com	121 KB
9	2

	Domain	Requested by
8	expresslandingpages.com	2 redirects ez1credit.com expresslandingpages.com
3	ez1credit.com	ez1credit.com
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ez1credit.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-08` - `2024-06-07`	a year	crt.sh
expresslandingpages.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-01` - `2024-05-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ez1credit.com/
Frame ID: 42F6EF3066D00E53F76825EA56828554
Requests: 3 HTTP requests in this frame

Frame: https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1
Frame ID: 60B47DC20F11AF47367EC2E37A95C7F4
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

https://ez1credit.com/

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

204 kB
Transfer

254 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://expresslandingpages.com/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0 HTTP 302
https://expresslandingpages.com/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 HTTP 302
https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ez1credit.com/	2 KB 1 KB	821ms 148ms	Document text/html	72.32.109.3 RMH-14
General Check archive.org Show headers Download Go to Full URL https://ez1credit.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.32.109.3 , United States, ASN33070 (RMH-14, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `2e281a43986661caf73d4147f121e891fa89365cbed7c4ad47b28d44e64275b8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 1182 Content-Type text/html; charset=utf-8 Date Thu, 08 Jun 2023 16:10:10 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET
GET H/1.1	200 OK	jquery.min.js Show response ez1credit.com/maskurl/images/	90 KB 41 KB	338ms 337ms	Script application/javascript	72.32.109.3 RMH-14
General Check archive.org Show headers Download Go to Full URL https://ez1credit.com/maskurl/images/jquery.min.js Requested by Host: ez1credit.com URL: https://ez1credit.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.32.109.3 , United States, ASN33070 (RMH-14, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734` Request headers accept-language de-DE,de;q=0.9 Referer https://ez1credit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:10 GMT Content-Encoding gzip Last-Modified Wed, 04 May 2016 18:25:36 GMT Server Microsoft-IIS/8.5 ETag "496b385a32a6d11:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 41458
GET H/1.1	200 OK	Default.aspx Show response expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/ Frame 60B4 Redirect Chain https://expresslandingpages.com/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0 https://expresslandingpages.com/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1	3 KB 2 KB	150ms 150ms	Document text/html	72.3.235.2 RMH-14
General Check archive.org Show headers Download Go to Full URL https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Requested by Host: ez1credit.com URL: https://ez1credit.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.3.235.2 , United States, ASN33070 (RMH-14, US), Reverse DNS james.smithsonianmagazine.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `c2cabff3a6f373928398dcb54117d0c8a5978e63fcc45e210f9141db0a2e1c46` Request headers Referer https://ez1credit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control private Content-Encoding gzip Content-Length 1529 Content-Type text/html; charset=utf-8 Date Thu, 08 Jun 2023 16:10:11 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-AspNet-Version 2.0.50727 X-Powered-By ASP.NET Redirect headers Access-Control-Allow-Origin * Content-Length 298 Content-Type text/html; charset=utf-8 Date Thu, 08 Jun 2023 16:10:11 GMT Location /(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ajax-loader.gif ez1credit.com/maskurl/images/	79 KB 79 KB	151ms 151ms	Image image/gif	72.32.109.3 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://ez1credit.com/maskurl/images/ajax-loader.gif Requested by Host: ez1credit.com URL: https://ez1credit.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.32.109.3 , United States, ASN33070 (RMH-14, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `dcb64e7fd3c10b42cf72d0be27018d83cb6d00d89838e419b44bb0eb106d6307` Request headers accept-language de-DE,de;q=0.9 Referer https://ez1credit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:10 GMT Last-Modified Tue, 28 Feb 2017 00:15:47 GMT Server Microsoft-IIS/8.5 ETag "ec2592cf5791d21:0" X-Powered-By ASP.NET Content-Type image/gif Accept-Ranges bytes Content-Length 80823
GET H/1.1	200 OK	Errormgebox_01.gif expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/ Frame 60B4	20 KB 21 KB	337ms 335ms	Image image/gif	72.3.235.2 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/Errormgebox_01.gif Requested by Host: expresslandingpages.com URL: https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.3.235.2 , United States, ASN33070 (RMH-14, US), Reverse DNS james.smithsonianmagazine.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `d60ad3da7822731d2063dec52a315e17b645197a75fbfd24150a21a3a9b4241c` Request headers accept-language de-DE,de;q=0.9 Referer https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:11 GMT Last-Modified Thu, 16 Jan 2014 13:17:50 GMT Server Microsoft-IIS/8.5 ETag "5fa9f65abd12cf1:0" X-Powered-By ASP.NET Content-Type image/gif Access-Control-Allow-Origin * Accept-Ranges bytes Content-Length 20986
GET H/1.1	200 OK	Errormgebox_02.gif expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/ Frame 60B4	596 B 875 B	145ms 143ms	Image image/gif	72.3.235.2 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/Errormgebox_02.gif Requested by Host: expresslandingpages.com URL: https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.3.235.2 , United States, ASN33070 (RMH-14, US), Reverse DNS james.smithsonianmagazine.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `3671b2f7c42a26fc1ffe807adea6555cfea7b2c7f1439822b9b922a3e86a9450` Request headers accept-language de-DE,de;q=0.9 Referer https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:11 GMT Last-Modified Thu, 16 Jan 2014 13:17:50 GMT Server Microsoft-IIS/8.5 ETag "5fa9f65abd12cf1:0" X-Powered-By ASP.NET Content-Type image/gif Access-Control-Allow-Origin * Accept-Ranges bytes Content-Length 596
GET H/1.1	200 OK	Errormgebox_04.gif expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/ Frame 60B4	604 B 883 B	287ms 142ms	Image image/gif	72.3.235.2 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/Errormgebox_04.gif Requested by Host: expresslandingpages.com URL: https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.3.235.2 , United States, ASN33070 (RMH-14, US), Reverse DNS james.smithsonianmagazine.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `da0082f69e85e49b38966a02f1e870778a823d6f49203654e633f242a11c5c1c` Request headers accept-language de-DE,de;q=0.9 Referer https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:12 GMT Last-Modified Thu, 16 Jan 2014 13:17:49 GMT Server Microsoft-IIS/8.5 ETag "e079dc5abd12cf1:0" X-Powered-By ASP.NET Content-Type image/gif Access-Control-Allow-Origin * Accept-Ranges bytes Content-Length 604
GET H/1.1	200 OK	Errormgebox_05.gif expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/ Frame 60B4	3 KB 3 KB	431ms 146ms	Image image/gif	72.3.235.2 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/Errormgebox_05.gif Requested by Host: expresslandingpages.com URL: https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.3.235.2 , United States, ASN33070 (RMH-14, US), Reverse DNS james.smithsonianmagazine.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `7a94b0136d704ede83f8d72bf613b005104ad297d649dbc89984f27186571216` Request headers accept-language de-DE,de;q=0.9 Referer https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:12 GMT Last-Modified Thu, 16 Jan 2014 13:17:49 GMT Server Microsoft-IIS/8.5 ETag "4adbde5abd12cf1:0" X-Powered-By ASP.NET Content-Type image/gif Access-Control-Allow-Origin * Accept-Ranges bytes Content-Length 2603
GET H/1.1	200 OK	Errormgebox_03.gif expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/ Frame 60B4	55 KB 56 KB	699ms 429ms	Image image/gif	72.3.235.2 RMH-14
General Check archive.org Show headers Download Go to Show image Full URL https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/images/Errormgebox_03.gif Requested by Host: expresslandingpages.com URL: https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 72.3.235.2 , United States, ASN33070 (RMH-14, US), Reverse DNS james.smithsonianmagazine.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `adb815a8e4f08f3fd6bda440ce427cf8842fcd194765762ac963753a6264a25a` Request headers accept-language de-DE,de;q=0.9 Referer https://expresslandingpages.com/(X(1)S(svlz2or2dortpf55sx3jtlql))/Default.aspx?url=ez1credit.com&t=010&ref=na&fo=&infousaid=&merchID=&p5=&tt=0&AspxAutoDetectCookieSupport=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 16:10:12 GMT Last-Modified Thu, 16 Jan 2014 13:17:49 GMT Server Microsoft-IIS/8.5 ETag "4adbde5abd12cf1:0" X-Powered-By ASP.NET Content-Type image/gif Access-Control-Allow-Origin * Accept-Ranges bytes Content-Length 56694

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

expresslandingpages.com
ez1credit.com
72.3.235.2
72.32.109.3
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2e281a43986661caf73d4147f121e891fa89365cbed7c4ad47b28d44e64275b8
3671b2f7c42a26fc1ffe807adea6555cfea7b2c7f1439822b9b922a3e86a9450
7a94b0136d704ede83f8d72bf613b005104ad297d649dbc89984f27186571216
adb815a8e4f08f3fd6bda440ce427cf8842fcd194765762ac963753a6264a25a
c2cabff3a6f373928398dcb54117d0c8a5978e63fcc45e210f9141db0a2e1c46
d60ad3da7822731d2063dec52a315e17b645197a75fbfd24150a21a3a9b4241c
da0082f69e85e49b38966a02f1e870778a823d6f49203654e633f242a11c5c1c
dcb64e7fd3c10b42cf72d0be27018d83cb6d00d89838e419b44bb0eb106d6307

ez1credit.com Open in urlscan Pro 72.32.109.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

204 kBTransfer

254 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

ez1credit.com Open in urlscan Pro
72.32.109.3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

204 kB
Transfer

254 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions