z0n2.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 172.67.179.12, located in United States and belongs to CLOUDFLARENET, US. The main domain is z0n2.com.
TLS certificate: Issued by GTS CA 1P5 on June 27th 2023. Valid for: 3 months.

This is the only time z0n2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.179.12 172.67.179.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	23.42.157.16 23.42.157.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.44.51.211 23.44.51.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	172.67.168.167 172.67.168.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	172.67.162.203 172.67.162.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	4

1 172.67.179.12 (United States)

ASN13335 (CLOUDFLARENET, US)

z0n2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.42.157.16 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-42-157-16.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.51.211 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-211.deploy.static.akamaitechnologies.com

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.168.167 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aws.whitesinger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.162.203 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aws0cpa.logdb.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	logdb.cloud 1 redirects aws0cpa.logdb.cloud	833 B
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13682	554 B
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 9721 img6.wsimg.com — Cisco Umbrella Rank: 11920	12 KB
1	whitesinger.com 1 redirects aws.whitesinger.com	446 B
1	z0n2.com z0n2.com	823 B
5	5

	Domain	Requested by
2	aws0cpa.logdb.cloud	1 redirects
2	events.api.secureserver.net	img1.wsimg.com
1	aws.whitesinger.com	1 redirects
1	img6.wsimg.com	z0n2.com
1	img1.wsimg.com	1 redirects
1	z0n2.com
5	6

This site contains no links.

Subject Issuer	Validity	Valid
z0n2.com GTS CA 1P5	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh
logdb.cloud GTS CA 1P5	`2023-06-27` - `2023-09-25`	3 months	crt.sh

This page contains 1 frames:

Frame: https://aws0cpa.logdb.cloud/directory/Login/login.php
Frame ID: B33FAE709CB6A96D48D6F75202522221
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

13 kB
Transfer

46 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

Request Chain 3

https://aws.whitesinger.com/ HTTP 301
https://aws0cpa.logdb.cloud/directory/ HTTP 302
https://aws0cpa.logdb.cloud/directory/Login/login.php

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
z0n2.com/xrUX/ 638 B
823 B 828ms
452ms Document
text/html 172.67.179.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://z0n2.com/xrUX/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.179.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.18
Resource Hash: 0e008c67555617aadef48080f62c2239a6b056472e5efcf632c5e395616316e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e5df3db1b8a838a-KIX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 02:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbOG99l85p3tMoa0awAIf1yV9UhzJ0zu6rEZ29jBYzujmykYNfdJ9tg6moReGFresc67EnTgpOESSAbCGxzOG2Q8cWzzmNFs2Qi0%2FulbhOqB89k6vCoqLfpW2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.18

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

45 KB
12 KB

53ms
49ms

Script
application/javascript

23.42.157.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by: Host: z0n2.com
URL: https://z0n2.com/xrUX/
Protocol: H2
Server: 23.42.157.16 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-42-157-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://z0n2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding: br
date: Thu, 13 Jul 2023 02:03:59 GMT
x-amz-request-id: FH0P3E93SF8PA32Y
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469226_388668684_287165817_18_1479_36_0_219";dur=1
content-length: 11347
x-amz-id-2: vfCRznBpTwUzsQTqqHQrPBdgJL8bd9m6fgJ2RsnQ7TUvg/tSMOpz6ogFdrj21JebiN+bK0g/VZM=
last-modified: Tue, 29 Nov 2022 21:26:18 GMT
etag: "5c3e20ad749ddb088afc84b1b7ff009e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin: *
date: Thu, 13 Jul 2023 02:03:59 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Thu, 13 Jul 2023 02:33:59 GMT

GET
H2 200 event
events.api.secureserver.net/t/1/tl/ 43 B
277 B 612ms
152ms XHR
image/gif 23.44.51.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1689213839244&dh=z0n2.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&vci=415487586&cv=2.0.1&z=1785880155&vg=d9a5f9ff-0bbc-5732-b1ec-62cf574a6328&vtg=d9a5f9ff-0bbc-5732-b1ec-62cf574a6328&dp=%2FxrUX&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0126%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%226972160%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=ebefbf2d-9f10-5836-91f6-b11680c21f3d&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.44.51.211 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-211.deploy.static.akamaitechnologies.com

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://z0n2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Thu, 13 Jul 2023 02:03:59 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://z0n2.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event
events.api.secureserver.net/t/1/tl/ 43 B
277 B 640ms
183ms XHR
image/gif 23.44.51.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1689213839248&dh=z0n2.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&vci=415487586&cv=2.0.1&z=1202567967&vg=d9a5f9ff-0bbc-5732-b1ec-62cf574a6328&vtg=d9a5f9ff-0bbc-5732-b1ec-62cf574a6328&dp=%2FxrUX&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0126%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%226972160%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=8386dd2c-07c0-50c8-bc23-ba4b97aae08f&ht=perf&tce=1689213838561&tcs=1689213838193&tdc=1689213839245&tdclee=1689213839245&tdcles=1689213839245&tdi=1689213839245&tdl=1689213839015&tdle=1689213838193&tdls=1689213838185&tfs=1689213838184&tns=1689213838184&trqs=1689213838561&tre=1689213839013&trps=1689213839012&tles=1689213839245&tlee=0&nt=navigate&lcp=852&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.44.51.211 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-211.deploy.static.akamaitechnologies.com

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://z0n2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Thu, 13 Jul 2023 02:03:59 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://z0n2.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2

200

login.php Show response
aws0cpa.logdb.cloud/directory/Login/
Redirect Chain

https://aws.whitesinger.com/
https://aws0cpa.logdb.cloud/directory/
https://aws0cpa.logdb.cloud/directory/Login/login.php

0
271 B

523ms
522ms

Document
text/html

172.67.162.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aws0cpa.logdb.cloud/directory/Login/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.18
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://z0n2.com/xrUX/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e5df3eaaaa517c2-KIX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 02:04:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYyzOEnTXwz5RQGE0VfjPOEzlD9JBtcZsxGMNyTRhl9GyLrlaWpeHeSzbWeZHyrCxZ1tSVDIN8Ycch4WSkuQP6gMUK2uq4GGYkOGYtWVQkRj8psVKG42TRZmgzQ5gEGmzcgbcDe%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.18

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e5df3e7eff817c2-KIX
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 02:04:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: Login/login.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKCYwpSzbxvE%2FmJpgEs%2BRo29gCBvkNasSbQDUyKXDdzM%2BnDBlzXWTQJVgRTGdqanhZzgX1J53OJNFLDF%2BsmcQ4rsdi0La0a1im1kTUkkfkUgJ9G1%2FBnkb8PwEVZTZXS2lzRTJwXp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.18

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.z0n2.com/	1970-01-20 21:59:09	Name: _tccl_visitor Value: d9a5f9ff-0bbc-5732-b1ec-62cf574a6328
.z0n2.com/	1970-01-20 13:13:35	Name: _tccl_visit Value: d9a5f9ff-0bbc-5732-b1ec-62cf574a6328
aws0cpa.logdb.cloud/	1969-12-31 23:59:59	Name: PHPSESSID Value: nab4d440lvu8ksjutisoins8n9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aws.whitesinger.com
aws0cpa.logdb.cloud
events.api.secureserver.net
img1.wsimg.com
img6.wsimg.com
z0n2.com
172.67.162.203
172.67.168.167
172.67.179.12
23.42.157.16
23.44.51.211
0e008c67555617aadef48080f62c2239a6b056472e5efcf632c5e395616316e2
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

z0n2.com Open in urlscan Pro 172.67.179.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

80 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

4 IPs

2 Countries

13 kBTransfer

46 kBSize

3 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

Indicators

z0n2.com Open in urlscan Pro
172.67.179.12 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

13 kB
Transfer

46 kB
Size

3
Cookies

5 HTTP transactions
0 data transactions