payment-ziko.dev.mediasia.cn Open in urlscan Pro
118.31.173.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment-ziko.dev.mediasia.cn/
Submission: On March 07 via automatic, source certstream-suspicious (March 7th 2023, 7:31:27 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 118.31.173.12, located in Hangzhou, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is payment-ziko.dev.mediasia.cn.
TLS certificate: Issued by R3 on January 8th 2023. Valid for: 3 months.

This is the only time payment-ziko.dev.mediasia.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	118.31.173.12 118.31.173.12	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	43.152.28.36 43.152.28.36	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
10	2

9 118.31.173.12 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

payment-ziko.dev.mediasia.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.28.36 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

res.wx.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mediasia.cn payment-ziko.dev.mediasia.cn	1 MB
1	qq.com res.wx.qq.com — Cisco Umbrella Rank: 10411	4 KB
10	2

	Domain	Requested by
9	payment-ziko.dev.mediasia.cn	payment-ziko.dev.mediasia.cn
1	res.wx.qq.com	payment-ziko.dev.mediasia.cn
10	2

This site contains no links.

Subject Issuer	Validity	Valid
ziko.dev.mediasia.cn R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
weixin.qq.com DigiCert Secure Site CN CA G3	`2022-07-05` - `2023-08-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://payment-ziko.dev.mediasia.cn/
Frame ID: BA1D32B53613281444BB536D7FB94DB3
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZIKO PAY

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1279 kB
Transfer

1394 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
payment-ziko.dev.mediasia.cn/ 736 B
769 B 1567ms
294ms Document
text/html 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b27079e36036832be15130f46eb62d28f5d05bd301d8438221611e48324d0e46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 432
Content-Type: text/html
Date: Tue, 07 Mar 2023 19:31:18 GMT
ETag: "2e0-5f5e8dcb3fbdb-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK jweixin-1.2.0.js Show response
res.wx.qq.com/open/js/ 11 KB
4 KB 2376ms
31ms Script
application/x-javascript 43.152.28.36
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://res.wx.qq.com/open/js/jweixin-1.2.0.js

Requested by

Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.28.36 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

nginx/1.8.1 /

Resource Hash

f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment-ziko.dev.mediasia.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 04:31:15 GMT
Strict-Transport-Security: max-age=3600
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster
Connection: keep-alive
X-Verify-Code: bc6b965a9c564f77a4a6288b337bdc13
Content-Length: 3818
Last-Modified: Sat, 18 Feb 2023 04:30:00 GMT
Server: nginx/1.8.1
Vary: Origin
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://open.weixin.qq.com
Cache-Control: must-revalidate, max-age=31536000
X-Daa-Tunnel: hop_count=1
X-NWS-LOG-UUID: 6749253255653622115
Accept-Ranges: bytes
Expires: Sun, 18 Feb 2024 04:31:15 GMT

GET
H/1.1 200
OK main.65c5a53d.js Show response
payment-ziko.dev.mediasia.cn/static/js/ 156 KB
50 KB 298ms
298ms Script
application/javascript 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/static/js/main.65c5a53d.js
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: cde049a41db01368ddee26b74e89b86c93ddbf9dd256b4f50286090bf68d29bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment-ziko.dev.mediasia.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2712c-5f5e8dcb40b7b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 51146

GET
H/1.1 200
OK main.c0809227.css
payment-ziko.dev.mediasia.cn/static/css/ 7 KB
2 KB 307ms
306ms Stylesheet
text/css 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5a1faeeb51d247f0c7f5b39bc7bd35622b336f92adb1628944b4f7824bbac1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment-ziko.dev.mediasia.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1b63-5f5e8dcb40b7b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2218

GET
H/1.1 200
OK Gilroy-ExtraBold.f0feeaf3468f1ac2b9cd.otf
payment-ziko.dev.mediasia.cn/static/media/ 53 KB
54 KB 324ms
323ms Font
font/ttf 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/static/media/Gilroy-ExtraBold.f0feeaf3468f1ac2b9cd.otf
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0133989fb2eac1b82a0f8c8b61749805c835768cb6f011914f8d17179131c493

Request headers

Referer: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Origin: https://payment-ziko.dev.mediasia.cn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:21 GMT
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "d5f8-5f5e8dcb3fbdb"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 54776

GET
H/1.1 200
OK RobotoCondensed-Regular.d1f19e1609d0d5ebc467.ttf
payment-ziko.dev.mediasia.cn/static/media/ 122 KB
123 KB 340ms
339ms Font
font/ttf 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/static/media/RobotoCondensed-Regular.d1f19e1609d0d5ebc467.ttf
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6dc7ba162db365941a23c68f8417eca8884c821ff6104a5a7f825ce090407b77

Request headers

Referer: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Origin: https://payment-ziko.dev.mediasia.cn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:21 GMT
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1e994-5f5e8dcb3fbdb"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 125332

GET
H/1.1 200
OK RobotoCondensed-Bold.083cbc1da8885b990958.ttf
payment-ziko.dev.mediasia.cn/static/media/ 124 KB
125 KB 970ms
321ms Font
font/ttf 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/static/media/RobotoCondensed-Bold.083cbc1da8885b990958.ttf
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d94d017723b22355dafd45928737ad00d1c8e4a8db017158fd6a239c4d5d8a5d

Request headers

Referer: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Origin: https://payment-ziko.dev.mediasia.cn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:21 GMT
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1f16c-5f5e8dcb40b7b"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 127340

GET
H/1.1 200
OK Nunito-Regular.bb0b7104629b11c4f366.ttf
payment-ziko.dev.mediasia.cn/static/media/ 151 KB
151 KB 1001ms
331ms Font
font/ttf 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment-ziko.dev.mediasia.cn/static/media/Nunito-Regular.bb0b7104629b11c4f366.ttf
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 880ead818af373b0da8c2a3e493f7d0a9c1db149a67a867b04f0952c475d667a

Request headers

Referer: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Origin: https://payment-ziko.dev.mediasia.cn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:21 GMT
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "25ac8-5f5e8dcb40b7b"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 154312

GET
H/1.1 200
OK landing.997792eb8555d0dbd244.svg
payment-ziko.dev.mediasia.cn/static/media/ 650 KB
650 KB 973ms
319ms Image
image/svg+xml 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment-ziko.dev.mediasia.cn/static/media/landing.997792eb8555d0dbd244.svg
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7efc3433b77a3cffaefe6768b77d0a479e2cadf47da39263e4394421cc91bb11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:21 GMT
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a2721-5f5e8dcb3fbdb"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 665377

GET
H/1.1 200
OK welcome.d99c538bfa52c4e42212.png
payment-ziko.dev.mediasia.cn/static/media/ 118 KB
118 KB 983ms
321ms Image
image/png 118.31.173.12
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment-ziko.dev.mediasia.cn/static/media/welcome.d99c538bfa52c4e42212.png
Requested by: Host: payment-ziko.dev.mediasia.cn
URL: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.31.173.12 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c0d922a48a5c4ba1c4084a43a7ef1f7ac1042cfdb13068a7cd53f477afac9ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment-ziko.dev.mediasia.cn/static/css/main.c0809227.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 19:31:21 GMT
Last-Modified: Thu, 02 Mar 2023 11:09:27 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1d8d5-5f5e8dcb40b7b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 121045

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| jWeixin object| wx

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

payment-ziko.dev.mediasia.cn
res.wx.qq.com
118.31.173.12
43.152.28.36
0133989fb2eac1b82a0f8c8b61749805c835768cb6f011914f8d17179131c493
5a1faeeb51d247f0c7f5b39bc7bd35622b336f92adb1628944b4f7824bbac1dc
6dc7ba162db365941a23c68f8417eca8884c821ff6104a5a7f825ce090407b77
7efc3433b77a3cffaefe6768b77d0a479e2cadf47da39263e4394421cc91bb11
880ead818af373b0da8c2a3e493f7d0a9c1db149a67a867b04f0952c475d667a
b27079e36036832be15130f46eb62d28f5d05bd301d8438221611e48324d0e46
c0d922a48a5c4ba1c4084a43a7ef1f7ac1042cfdb13068a7cd53f477afac9ab2
cde049a41db01368ddee26b74e89b86c93ddbf9dd256b4f50286090bf68d29bf
d94d017723b22355dafd45928737ad00d1c8e4a8db017158fd6a239c4d5d8a5d
f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f

payment-ziko.dev.mediasia.cn Open in urlscan Pro 118.31.173.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1279 kBTransfer

1394 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

payment-ziko.dev.mediasia.cn Open in urlscan Pro
118.31.173.12 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1279 kB
Transfer

1394 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions