ziptorhat.com Open in urlscan Pro
141.98.1.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gardix.pro/t/4Ovhzm38703ANpZ66jjnxvavtov593LRBCVSSXBVTWWAE17963TKCX874x14
Effective URL:
https://ziptorhat.com/0/0/0/a92a577e513f7dc63565cdc6bd841a0b/14/66-38703/593-17963-874
Submission: On September 04 via manual (September 4th 2024, 10:53:52 pm UTC) from SE — Scanned from SE

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 141.98.1.71, located in Ashburn, United States and belongs to COGENT-174, US. The main domain is ziptorhat.com.
TLS certificate: Issued by R10 on July 21st 2024. Valid for: 3 months.

This is the only time ziptorhat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	74.121.184.249 74.121.184.249	23033 (WOW) (WOW)
1	141.98.1.71 141.98.1.71	174 (COGENT-174) (COGENT-174)
3	3

1 74.121.184.249 (United States)

ASN23033 (WOW, US)
PTR: xoecdjpw.fun

gardix.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.98.1.71 (Ashburn, United States)

ASN174 (COGENT-174, US)

ziptorhat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	ziptorhat.com ziptorhat.com	406 B
1	gardix.pro gardix.pro	469 B
0	expressvpn.com Failed www.expressvpn.com Failed
3	3

	Domain	Requested by
1	ziptorhat.com	gardix.pro
1	gardix.pro
0	www.expressvpn.com Failed	ziptorhat.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
gardix.pro E6	`2024-07-26` - `2024-10-24`	3 months	crt.sh
ziptorhat.com R10	`2024-07-21` - `2024-10-19`	3 months	crt.sh

This page contains 1 frames:

Frame: https://www.expressvpn.com/
Frame ID: 4BA7075AC4F21BD1F93A31B096C25088
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gardix.pro/t/4Ovhzm38703ANpZ66jjnxvavtov593LRBCVSSXBVTWWAE17963TKCX874x14 Page URL
https://ziptorhat.com/0/0/0/a92a577e513f7dc63565cdc6bd841a0b/14/66-38703/593-17963-874 Page URL

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1 kB
Transfer

0 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gardix.pro/t/4Ovhzm38703ANpZ66jjnxvavtov593LRBCVSSXBVTWWAE17963TKCX874x14 Page URL
https://ziptorhat.com/0/0/0/a92a577e513f7dc63565cdc6bd841a0b/14/66-38703/593-17963-874 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://bjwai.fastactionlink.com/?kw=31&s1=351254&s2=1224888628&s3=31 HTTP 301
https://expressvpn.com/ HTTP 301
https://www.expressvpn.com/

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	4Ovhzm38703ANpZ66jjnxvavtov593LRBCVSSXBVTWWAE17963TKCX874x14 Show response gardix.pro/t/	298 B 469 B	1075ms 573ms	Document text/html	74.121.184.249 WOW
General Check archive.org Show headers Download Go to Full URL https://gardix.pro/t/4Ovhzm38703ANpZ66jjnxvavtov593LRBCVSSXBVTWWAE17963TKCX874x14 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.121.184.249 , United States, ASN23033 (WOW, US), Reverse DNS xoecdjpw.fun Software / Resource Hash `7a9159a379e061221a7584c7c0fccf7d83761655bfec24f1c9e353887be7782a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-length 298 content-type text/html; charset=utf-8 date Wed, 04 Sep 2024 22:53:38 GMT x-address gin_throttle_mw_7200000000_172.111.204.43 x-ratelimit-limit 500 x-ratelimit-remaining 496 x-ratelimit-reset 1725493807
GET H2	200	Primary Request 593-17963-874 Show response ziptorhat.com/0/0/0/a92a577e513f7dc63565cdc6bd841a0b/14/66-38703/	132 B 406 B	1350ms 683ms	Document text/html	141.98.1.71 COGENT-174
General Check archive.org Show headers Download Go to Full URL https://ziptorhat.com/0/0/0/a92a577e513f7dc63565cdc6bd841a0b/14/66-38703/593-17963-874 Requested by Host: gardix.pro URL: https://gardix.pro/t/4Ovhzm38703ANpZ66jjnxvavtov593LRBCVSSXBVTWWAE17963TKCX874x14 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 141.98.1.71 Ashburn, United States, ASN174 (COGENT-174, US), Reverse DNS Software nginx/1.12.2 / Resource Hash `086d831720eb16a6408e57ec8cca6118c0dea28c3f872337e0433992ef49876d` Request headers Referer https://gardix.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 04 Sep 2024 22:53:40 GMT server nginx/1.12.2 vary Accept-Encoding
GET		/ www.expressvpn.com/ Redirect Chain https://bjwai.fastactionlink.com/?kw=31&s1=351254&s2=1224888628&s3=31 https://expressvpn.com/ https://www.expressvpn.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.expressvpn.com
URL: https://www.expressvpn.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ziptorhat.com/	1970-01-21 00:01:22	Name: uid31 Value: 1224888628-20240904185340-205ceb2c4a97620680e291eba1f98d7f-3837

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gardix.pro
www.expressvpn.com
ziptorhat.com
www.expressvpn.com
141.98.1.71
74.121.184.249
086d831720eb16a6408e57ec8cca6118c0dea28c3f872337e0433992ef49876d
7a9159a379e061221a7584c7c0fccf7d83761655bfec24f1c9e353887be7782a

ziptorhat.com Open in urlscan Pro 141.98.1.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1 kBTransfer

0 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

ziptorhat.com Open in urlscan Pro
141.98.1.71 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1 kB
Transfer

0 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions