www.ziptoto.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3037::ac43:cd0f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ziptoto.com.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time www.ziptoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3037::ac43:cd0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4006:812::2001	15169 (GOOGLE) (GOOGLE)
1	172.67.205.15 172.67.205.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3

2 2606:4700:3037::ac43:cd0f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ziptoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ziptoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:812::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.205.15 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ziptoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ziptoto.com 1 redirects ziptoto.com www.ziptoto.com	14 KB
2	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	66 KB
4	2

	Domain	Requested by
2	cdn.ampproject.org	www.ziptoto.com cdn.ampproject.org
2	www.ziptoto.com
1	ziptoto.com	1 redirects
4	3

This site contains no links.

Subject Issuer	Validity	Valid
ziptoto.com WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ziptoto.com/
Frame ID: 0D65991452C856CC6EB82ECF102719F8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ziptoto.com/ HTTP 307
https://ziptoto.com/ HTTP 308
https://www.ziptoto.com/ Page URL

Page Statistics

4
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

80 kB
Transfer

267 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ziptoto.com/ HTTP 307
https://ziptoto.com/ HTTP 308
https://www.ziptoto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ziptoto.com/
Redirect Chain

http://ziptoto.com/
https://ziptoto.com/
https://www.ziptoto.com/

12 KB
4 KB

1077ms
972ms

Document
text/html

2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ziptoto.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e407f2afdab9b00bb43336cef5066ff641a1d16bf6156f0a08b19aa9a82a37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
age: 2314572
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da58ff789a28677-PER
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 19:27:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrkmbmTdhnLtReq%2BOc1VXgPw716f8OQ9c%2BsMfXp0tNvVYfvEfzNP3eFzGrMEN7SXi3jo1X7XFuzLfeBY8Q5cubvToPK6lm8Uxi0m1yIHATVTsG2xVXOkxk20coDqqJoTFCSQMJ4rWO2iIMCVmj0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=47274&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4871&recv_bytes=2430&delivery_rate=85460&cwnd=249&unsent_bytes=0&cid=9b807230e5aed4fc&ts=1294&x=0"
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url accept-encoding
x-matched-path: /_sites/[site]
x-vercel-cache: STALE
x-vercel-id: syd1::wddwp-1730230040369-b4cec7697c3a

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8da58ff598ee8677-PER
content-type: text/html
date: Tue, 29 Oct 2024 19:27:20 GMT
location: https://www.ziptoto.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh: 0;url=https://www.ziptoto.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhEglHurjUBEVxItavHdoTvlStu0XiDWJxy%2BhnWQcueL5Mel2yj1Z9Bs5oio45WyFTazuqMEhIGjD7uIybzaqyTmyH9MHLWwIVgVIhAqe3ErXz9iw8vTmKIhEHuZaq1dl3bKYhbhxZtaTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=47261&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3977&recv_bytes=2368&delivery_rate=85460&cwnd=246&unsent_bytes=0&cid=9b807230e5aed4fc&ts=215&x=0"
strict-transport-security: max-age=63072000
x-vercel-id: syd1::vsf9v-1730230040050-736006b05319

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
63 KB 486ms
142ms Script
text/javascript 2404:6800:4006:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: www.ziptoto.com
URL: https://www.ziptoto.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://www.ziptoto.com
Referer: https://www.ziptoto.com/

Response headers

content-encoding: br
etag: "23abcdba7c36547b"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 19:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 19:27:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 63634
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
www.ziptoto.com/ 25 KB
10 KB 440ms
439ms Other
image/vnd.microsoft.icon 172.67.205.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ziptoto.com/favicon.ico

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.205.15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.ziptoto.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"c30c7d42707a47a3f4591831641e50dc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qourYOLquTrU%2BvtXJa2oUhiXMdaMBqSEMFvzNLIMsCPXmkD7wfNXPsHtzuc%2F59o4OknKf16qkv8936gCMJTmRiJi%2F1%2BEWQcSBABdQ0Lm7ZzC9fTtHiiPOYqvW0oXhO9IMVI%3D"}],"group":"cf-nel","max_age":604800}
x-matched-path: /favicon.ico
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47201&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4475&delivery_rate=384&cwnd=12000&unsent_bytes=0&cid=8654be67b078d9db&ts=2025&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 19:27:22 GMT
content-type: image/vnd.microsoft.icon
content-disposition: inline; filename="favicon.ico"
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 19:27:22 GMT
strict-transport-security: max-age=63072000
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-cache: HIT
cf-ray: 8da59001cc1b7382-PER
access-control-allow-origin: *
server: cloudflare
x-vercel-id: syd1::86vjb-1730230042002-283f8e053ee6

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012410161801000/v0/ 7 KB
3 KB 43ms
42ms Script
text/javascript 2404:6800:4006:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410161801000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://www.ziptoto.com
Referer: https://www.ziptoto.com/

Response headers

content-encoding: br
etag: "b8502452bfebf99a"
age: 3368
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 18:31:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 18:31:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2819
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
www.ziptoto.com
ziptoto.com
172.67.205.15
2404:6800:4006:812::2001
2606:4700:3037::ac43:cd0f
2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932
6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51
9e407f2afdab9b00bb43336cef5066ff641a1d16bf6156f0a08b19aa9a82a37f
ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9

www.ziptoto.com Open in urlscan Pro 2606:4700:3037::ac43:cd0f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

80 kBTransfer

267 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.ziptoto.com Open in urlscan Pro
2606:4700:3037::ac43:cd0f Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

80 kB
Transfer

267 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions