Report - ezdrive.com-luys.xin/us

Report Overview

Visited public
2025-01-26 13:54:23
Tags
URL
ezdrive.com-luys.xin/us
Finishing URL
ezdrive.com-luys.xin/us/
IP / ASN
43.130.9.246
#132203 Tencent Building, Kejizhongyi Avenue
Title
E-ZPass

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ezdrive.com-luys.xin	unknown	2025-01-24	2025-01-26	2025-01-26	4.9 kB	400 kB	43.130.9.246

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2025-01-26	medium	ezdrive.com-luys.xin/us	Other
2025-01-26	medium	ezdrive.com-luys.xin/us/	Other
2025-01-26	medium	ezdrive.com-luys.xin/us/assets/fliceXIj.js	Other
2025-01-26	medium	ezdrive.com-luys.xin/us/assets/DH586UFS.css	Other
2025-01-26	medium	ezdrive.com-luys.xin/us/assets/CfRDt4iX.js	Other
2025-01-26	medium	ezdrive.com-luys.xin/us/assets/BHcjXi3x.gif	Other
2025-01-26	medium	ezdrive.com-luys.xin/front/checkIp?token=123	Other
2025-01-26	medium	ezdrive.com-luys.xin/us/favicon.ico	Other
2025-01-26	medium	ezdrive.com-luys.xin/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514	Other
2025-01-26	medium	ezdrive.com-luys.xin/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514	Other

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	ezdrive.com-luys.xin/us/assets/fliceXIj.js	ScriptElement	36 kB	2025-01-24	2025-01-26
Pretty URL ezdrive.com-luys.xin/us/assets/fliceXIj.js IP 43.130.9.246 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 18:56 Last Seen2025-01-26 13:54 Times Seen4 Hash ca1fb65a11cebbde8621e9d9fe85fac9 75a0a45d68d678e7d4e7e55178bc89a7f4e6015d 8780783c4db4576c56d232e772b89d3eda4bf0fffdb4b2d738fcfa002d9a0b0e Loading...

	ezdrive.com-luys.xin/us/assets/CfRDt4iX.js	ScriptElement	800 kB	2025-01-24	2025-01-26
Pretty URL ezdrive.com-luys.xin/us/assets/CfRDt4iX.js IP 43.130.9.246 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 18:56 Last Seen2025-01-26 13:54 Times Seen4 Hash e6c13e961ecdce83fc6f43f61dc42625 d8223517d295ca0bb17b43587acd9971e75ec3a5 8c3ab58724e414a4bde8edabed84504cfb739e94f0280de879cefa43e0b58bd6 Loading...

	ezdrive.com-luys.xin/us/	ScriptElement	328 B	2023-04-07	2025-03-18
Pretty URL ezdrive.com-luys.xin/us/ IP 43.130.9.246 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-03-18 21:01 Times Seen9141 Hash 3cb9786af5e65ff7a58c24c85677a40a 1dcbd37c74e0e059f17066831f594c4c2cd531f7 8bc5a4a4db521fb00a74ed14b2351db552ca6530233a4d403dfe004b6fd38f6a Loading...

	ezdrive.com-luys.xin/us/	ScriptElement	84 B	2023-04-07	2025-04-29
Pretty URL ezdrive.com-luys.xin/us/ IP 43.130.9.246 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-04-29 01:39 Times Seen12100 Hash 528dd01eb509d1fc3c68b48e165c9d77 8d702f33d869eb8c53cf75c17014f96385322395 b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a Loading...

HTTP Transactions (10)

URL IP Response Size

ezdrive.com-luys.xin/us

43.130.9.246

302

0 B

URL User Request GET HTTP/1.1
ezdrive.com-luys.xin/us
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:53:59 GMT
Content-Length: 0
Connection: keep-alive
Location: /us/
Strict-Transport-Security: max-age=31536000; includeSubDomains

ezdrive.com-luys.xin/us/

43.130.9.246

200

1.2 kB

URL User Request GET HTTP/1.1
ezdrive.com-luys.xin/us/
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (433)
Size
1.2 kB (1200 bytes)
Hash
d55f9fdbcbc01be61c4642d1a8efcad1
620964e56eab7c838123b9f4c14e5ae8bf94239f
b0b647ec20059d8d2dd39f039bace1da0c6601a8bd3f9805c7fe8740abbe4257

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us/ HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:53:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip

ezdrive.com-luys.xin/us/assets/fliceXIj.js

43.130.9.246

200

11 kB

URL GET HTTP/1.1
ezdrive.com-luys.xin/us/assets/fliceXIj.js
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (36320), with no line terminators
Size
11 kB (11029 bytes)
Hash
ca1fb65a11cebbde8621e9d9fe85fac9
75a0a45d68d678e7d4e7e55178bc89a7f4e6015d
8780783c4db4576c56d232e772b89d3eda4bf0fffdb4b2d738fcfa002d9a0b0e

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us/assets/fliceXIj.js HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ezdrive.com-luys.xin/us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip

ezdrive.com-luys.xin/us/assets/DH586UFS.css

43.130.9.246

200

90 kB

URL GET HTTP/1.1
ezdrive.com-luys.xin/us/assets/DH586UFS.css
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
ASCII text, with very long lines (64584)
Size
90 kB (89556 bytes)
Hash
2c9793a6a8c6679b7e4232769eb1556b
517ca1b20a8411c9753db0e4a4111312d360febc
a471a2c6c9c4a67aa4012bd89846509d1616de30ae9d08163a2f9fdf9aa42ea9

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us/assets/DH586UFS.css HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ezdrive.com-luys.xin/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip

ezdrive.com-luys.xin/us/assets/CfRDt4iX.js

43.130.9.246

200

235 kB

URL GET HTTP/1.1
ezdrive.com-luys.xin/us/assets/CfRDt4iX.js
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31253)
Size
235 kB (234874 bytes)
Hash
e6c13e961ecdce83fc6f43f61dc42625
d8223517d295ca0bb17b43587acd9971e75ec3a5
8c3ab58724e414a4bde8edabed84504cfb739e94f0280de879cefa43e0b58bd6

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us/assets/CfRDt4iX.js HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ezdrive.com-luys.xin/us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip

ezdrive.com-luys.xin/us/assets/BHcjXi3x.gif

43.130.9.246

200

60 kB

URL GET HTTP/1.1
ezdrive.com-luys.xin/us/assets/BHcjXi3x.gif
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
GIF image data, version 89a, 256 x 256
Size
60 kB (59994 bytes)
Hash
fadd89694f57f3d6143989b62b09b288
1c6d340af3c4b392538a96c9313136fb23087aa0
7515437df23c4af47700948c1650f0f9460da07e86a9447d33cfda1f36c91052

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us/assets/BHcjXi3x.gif HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ezdrive.com-luys.xin/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:00 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

ezdrive.com-luys.xin/front/checkIp?token=123

43.130.9.246

200

226 B

URL GET HTTP/1.1
ezdrive.com-luys.xin/front/checkIp?token=123
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
JSON text data
Size
226 B (226 bytes)
Hash
33806bc9cbd5ab1894cf24644ba7c799
cfdee7443adca25ad83af59fee426f6ee1e3df6c
802329d0f9807530083027dbd49c6eea08d1a3d04f7124864574bb59c42e8b43

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /front/checkIp?token=123 HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ezdrive.com-luys.xin/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:01 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 226
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

ezdrive.com-luys.xin/us/favicon.ico

43.130.9.246

200

515 B

URL GET HTTP/1.1
ezdrive.com-luys.xin/us/favicon.ico
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
515 B (515 bytes)
Hash
3e16cdc8a526f98078f67177641f707a
2d00c86557e36bab3dfa715fac2ec0c41bf4c914
285bf3f460102421d4ceab8f1fa2702a8ff03808f07515c4033a193273c9e09e

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /us/favicon.ico HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ezdrive.com-luys.xin/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:01 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 515
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

ezdrive.com-luys.xin/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514

43.130.9.246

101

0 B

URL
ezdrive.com-luys.xin/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514
IP
43.130.9.246:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514 HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ezdrive.com-luys.xin
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b2hgkvJpBuptWmP8GBtYoA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:01 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PKHuR1XOnus8OYMMWXRr6EF5s/k=
Sec-WebSocket-Extensions: permessage-deflate
Strict-Transport-Security: max-age=31536000; includeSubDomains

ezdrive.com-luys.xin/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514

43.130.9.246

101

0 B

URL GET HTTP/1.1
ezdrive.com-luys.xin/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514
IP
43.130.9.246:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://ezdrive.com-luys.xin/us/
Certificate
IssuerLet's Encrypt
Subjectezdrive.com-luys.xin
FingerprintF7:B2:0B:9C:FC:AF:4F:43:3E:D1:60:D0:67:3B:1B:48:BD:27:2C:7A
ValidityFri, 24 Jan 2025 11:44:42 GMT - Thu, 24 Apr 2025 11:44:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTk1MTV9.c2r_P3wxlVTRPeHpfZtC7Bg2szYwKZ-E4vPAECrQ514 HTTP/1.1
Host: ezdrive.com-luys.xin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ezdrive.com-luys.xin
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b2hgkvJpBuptWmP8GBtYoA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Server: nginx/1.27.3
Date: Sun, 26 Jan 2025 13:54:01 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PKHuR1XOnus8OYMMWXRr6EF5s/k=
Sec-WebSocket-Extensions: permessage-deflate
Strict-Transport-Security: max-age=31536000; includeSubDomains

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1