urlscan.io logo urlscan.io
SecurityTrails logo

zip-pay-australia.xyz Open in urlscan Pro
172.245.56.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://zippaidaustralia.top/
Effective URL: https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
Submission Tags: @phish_report
Submission: On November 02 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 172.245.56.83, located in San Jose, United States and belongs to AS-COLOCROSSING, US. The main domain is zip-pay-australia.xyz.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.
This is the only time zip-pay-australia.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 192.3.105.58 36352 (AS-COLOCR...)
9 172.245.56.83 36352 (AS-COLOCR...)
5 122.189.171.55 4837 (CHINA169-...)
1 172.253.118.95 15169 (GOOGLE)
1 172.64.150.121 13335 (CLOUDFLAR...)
3 199.232.46.208 54113 (FASTLY)
21 6
2    192.3.105.58 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: yukonfit.com
zippaidaustralia.top
9    172.245.56.83 (San Jose, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 172-245-56-83-host.colocrossing.com
zip-pay-australia.xyz
5    122.189.171.55 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
cdn.bootcdn.net
1    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
1    172.64.150.121 (United States)

ASN13335 (CLOUDFLARENET, US)
zip.co
3    199.232.46.208 (Singapore, Singapore)

ASN54113 (FASTLY, US)
zip-co-media.imgix.net
Apex Domain
Subdomains		 Transfer
9 zip-pay-australia.xyz
zip-pay-australia.xyz
31 KB
5 bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 118658
139 KB
3 imgix.net
zip-co-media.imgix.net
88 KB
2 zippaidaustralia.top
zippaidaustralia.top
3 KB
1 zip.co
zip.co — Cisco Umbrella Rank: 25641
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
21 6
Domain Requested by
9 zip-pay-australia.xyz zippaidaustralia.top
zip-pay-australia.xyz
cdn.bootcdn.net
5 cdn.bootcdn.net zip-pay-australia.xyz
cdn.bootcdn.net
3 zip-co-media.imgix.net zip-pay-australia.xyz
zip-co-media.imgix.net
2 zippaidaustralia.top zippaidaustralia.top
1 zip.co zip-pay-australia.xyz
1 fonts.googleapis.com zip-pay-australia.xyz
21 6

This site contains no links.

Subject Issuer Validity Valid
zippaidaustralia.top
R3		 2023-10-31 -
2024-01-29		 3 months crt.sh
zip-pay-australia.xyz
R3		 2023-10-31 -
2024-01-29		 3 months crt.sh
*.bootcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-17 -
2024-08-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-05 -
2024-04-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
Frame ID: 95CCA779B05E903FFC5E30D6016A013E
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zip | Sign In

Page URL History Show full URLs

  1. https://zippaidaustralia.top/ Page URL
  2. https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

264 kB
Transfer

690 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zippaidaustralia.top/ Page URL
  2. https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
zippaidaustralia.top/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zippaidaustralia.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.3.105.58 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
yukonfit.com
Software
nginx /
Resource Hash
b4ee6ebf00ffa2d3e2fa1ce7097c589068cb6447175967dddf181097b7dd3425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 04:08:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
pages.js
zippaidaustralia.top/ 		606 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zippaidaustralia.top/pages.js
Requested by
Host: zippaidaustralia.top
URL: https://zippaidaustralia.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.3.105.58 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
yukonfit.com
Software
nginx /
Resource Hash
039c747b73e5d82e52f8e42fd9bc05ea4f07d332daa665188bb3d333f0cd9ea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zippaidaustralia.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:14 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 05 Jun 2023 13:14:16 GMT
server
nginx
etag
"647ddfa8-25e"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
606
expires
Thu, 02 Nov 2023 16:08:14 GMT
Primary Request index.php
zip-pay-australia.xyz/web/page/ 		236 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
Requested by
Host: zippaidaustralia.top
URL: https://zippaidaustralia.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
3f365882ac35da065764f2c7c51b7ed6c8a02eeafff73b0dfcf81a5d4b41e4e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://zippaidaustralia.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 04:08:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
init.js
zip-pay-australia.xyz/web/page/pre_static/js/ 		1 KB
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
922197bcd21c400246acb6ba098d2ad8073697c670674e820848acc664d99d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 04:54:54 GMT
server
nginx
etag
W/"64815f1e-472"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 02 Nov 2023 16:08:16 GMT
get_index.js
zip-pay-australia.xyz/web/page/pre_static/js/ 		181 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/page/pre_static/js/get_index.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
c6d2ffc882cde73789bef646bc310c93b62184c8d0573aeceab4709ac0ea57ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:16 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 06 Jun 2023 09:07:22 GMT
server
nginx
etag
"647ef74a-b5"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
181
expires
Thu, 02 Nov 2023 16:08:16 GMT
axios.js
cdn.bootcdn.net/ajax/libs/axios/1.3.6/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.189.171.55 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
79f81db16af59ea9b1ac3432f020130253ff8b808b4de429e376329cb9af92f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://zip-pay-australia.xyz/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 02 Nov 2023 04:10:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
9778950972250293432
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Thu, 02 Nov 2023 04:06:03 GMT
check_referer.js
zip-pay-australia.xyz/web/page/pre_static/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/page/pre_static/js/check_referer.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
1bcac09d507a68a066f174444cf322ef7735ae2b489c9b826d7c3e100d85fcac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 02 Jun 2023 16:54:16 GMT
server
nginx
etag
W/"647a1eb8-31ec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 02 Nov 2023 16:08:16 GMT
check_online.js
zip-pay-australia.xyz/web/page/pre_static/js/ 		204 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/page/pre_static/js/check_online.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
190a4913a44051e3ebb99df616c4d3016cdd27fc7e16611176ad578596fb7a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:16 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 08 Apr 2023 08:29:46 GMT
server
nginx
etag
"643125fa-cc"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
204
expires
Thu, 02 Nov 2023 16:08:16 GMT
jquery.js
cdn.bootcdn.net/ajax/libs/jquery/3.5.0/ 		281 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/jquery/3.5.0/jquery.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.189.171.55 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://zip-pay-australia.xyz/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 02 Nov 2023 04:10:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
11469080664224216444
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Thu, 02 Nov 2023 04:07:56 GMT
layer.js
cdn.bootcdn.net/ajax/libs/layer/3.5.1/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/layer/3.5.1/layer.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.189.171.55 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://zip-pay-australia.xyz/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 02 Nov 2023 04:10:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
15981271638913312378
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Thu, 02 Nov 2023 04:10:20 GMT
layer.min.css
cdn.bootcdn.net/ajax/libs/layer/3.5.1/mobile/need/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/layer/3.5.1/mobile/need/layer.min.css
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.189.171.55 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c2d8266316fdf7baebdf263c98bf0bce6f5c4bbb00c6b487e8f95690f2b8e055
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:10:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
2955700521119775296
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Thu, 02 Nov 2023 04:03:22 GMT
pages.js
zip-pay-australia.xyz/web/ 		551 B
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/pages.js
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
0b27dd509c684455598356a0473810d21c371089655dfeccb70677b5a32c4582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:16 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 05 Jun 2023 13:14:16 GMT
server
nginx
etag
"647ddfa8-227"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
551
expires
Thu, 02 Nov 2023 16:08:16 GMT
layer.css
cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/layer/3.5.1/theme/default/layer.css?v=3.5.1
Requested by
Host: cdn.bootcdn.net
URL: https://cdn.bootcdn.net/ajax/libs/layer/3.5.1/layer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.189.171.55 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:10:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
15334226290969250687
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Thu, 02 Nov 2023 04:07:56 GMT
getindex
zip-pay-australia.xyz/index/index/ 		91 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/index/index/getindex
Requested by
Host: cdn.bootcdn.net
URL: https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
e5a3a3fbb9721fcc8907e4c40d2f11cf52e2e714c14321c865a9c03a0750cb09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT,DELETE,OPTIONS,PATCH
content-type
text/html; charset=utf-8
access-control-allow-origin
http://localhost:9528
access-control-allow-credentials
true
access-control-allow-headers
content-type
styles.d18696d40a9bf44c1783.css
zip-pay-australia.xyz/web/page/static/login_files/ 		66 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zip-pay-australia.xyz/web/page/static/login_files/styles.d18696d40a9bf44c1783.css
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/get_index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
939867041a200220f80352cdc98e54c825b55430e04ca0797bff772dca007f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 06 Apr 2023 07:10:54 GMT
server
nginx
etag
W/"642e707e-107ad"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 02 Nov 2023 16:08:17 GMT
Zip.svg
zip-pay-australia.xyz/web/page/static/login_files/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zip-pay-australia.xyz/web/page/static/login_files/Zip.svg
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/pre_static/js/get_index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.56.83 San Jose, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-56-83-host.colocrossing.com
Software
nginx /
Resource Hash
8c0f4c9d4fc6261090560d7d3f3ec13d59426b8a1c865ede53b02fc2c289cf45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/web/page/index.php?code=dG9rZW4%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:17 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 06 Apr 2023 07:10:54 GMT
server
nginx
etag
"642e707e-3d3"
content-type
image/svg+xml
accept-ranges
bytes
content-length
979
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,500
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/static/login_files/styles.d18696d40a9bf44c1783.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
e5b217be8a5bf6a34908c89d0fe1cd7ba679e78f84a4df58f6f28090e654835f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Nov 2023 04:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:50:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Nov 2023 04:08:18 GMT
style.css
zip.co/assets/zip/icons/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zip.co/assets/zip/icons/style.css
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/static/login_files/styles.d18696d40a9bf44c1783.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6945576dd28ec5c9900821ad7521df4d0c1762c5488438e47f325b9f76134b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:18 GMT
via
1.1 64abc7d7e287c3bb0e0b438a7c7db776.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
PER50-C1
age
3054
x-cache
Hit from cloudfront
last-modified
Mon, 30 Oct 2023 02:59:28 GMT
server
cloudflare
etag
W/"893f492a07eabdf0b1b1dba9831c147d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cf-ray
81f983f8efd78aca-PER
x-amz-cf-id
cMo2-LiFc-Sb94exJZweOEeSMAabckl7sSRQNS-lefcpilevfRTqlw==
2021-07-21_zip-fonts.css
zip-co-media.imgix.net/global-stylesheets/ 		1 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zip-co-media.imgix.net/global-stylesheets/2021-07-21_zip-fonts.css
Requested by
Host: zip-pay-australia.xyz
URL: https://zip-pay-australia.xyz/web/page/static/login_files/styles.d18696d40a9bf44c1783.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.46.208 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1ff444cceebf1a65606c5cbe7f07dba8115f89d568bd39be199aa6639901b190
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://zip-pay-australia.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
740999
x-cache
HIT, HIT
x-imgix-id
82766311314fe86acc71d59cb0146568e0397e31
cross-origin-resource-policy
cross-origin
content-length
296
x-served-by
cache-sjc1000088-SJC, cache-qpg1233-QPG
x-imgix-render-farm
01.140328
last-modified
Wed, 21 Jul 2021 04:36:24 GMT
server
imgix
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
SharpGroteskBook20.woff2
zip-co-media.imgix.net/global-stylesheets/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zip-co-media.imgix.net/global-stylesheets/fonts/SharpGroteskBook20.woff2
Requested by
Host: zip-co-media.imgix.net
URL: https://zip-co-media.imgix.net/global-stylesheets/2021-07-21_zip-fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.46.208 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4ecbf233300985446c71feacb04d139a6940b6c2ba16c434498c3a57bc2c6dc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zip-co-media.imgix.net/global-stylesheets/2021-07-21_zip-fonts.css
Origin
https://zip-pay-australia.xyz
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:18 GMT
x-content-type-options
nosniff
age
2559531
x-cache
HIT, HIT
x-imgix-id
678846fc2b930a3450f6736ee2170eba36d2f08f
cross-origin-resource-policy
cross-origin
content-length
44372
x-served-by
cache-sjc10073-SJC, cache-qpg1255-QPG
x-imgix-render-farm
01.140328
last-modified
Tue, 20 Jul 2021 23:51:49 GMT
server
imgix
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
SharpGroteskMedium20.woff2
zip-co-media.imgix.net/global-stylesheets/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zip-co-media.imgix.net/global-stylesheets/fonts/SharpGroteskMedium20.woff2
Requested by
Host: zip-co-media.imgix.net
URL: https://zip-co-media.imgix.net/global-stylesheets/2021-07-21_zip-fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.46.208 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b0f29c588d8a444287b26ac07c04f760aab221b7c1b9252b29402f14902e02d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zip-co-media.imgix.net/global-stylesheets/2021-07-21_zip-fonts.css
Origin
https://zip-pay-australia.xyz
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:08:18 GMT
x-content-type-options
nosniff
age
3097974
x-cache
HIT, HIT
x-imgix-id
f33589952f729b576c3c7ee5c6c386e86106f4ee
cross-origin-resource-policy
cross-origin
content-length
44836
x-served-by
cache-sjc10064-SJC, cache-qpg1255-QPG
x-imgix-render-farm
01.140328
last-modified
Tue, 20 Jul 2021 23:51:49 GMT
server
imgix
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| axios function| $ function| jQuery object| layer object| pages

3 Cookies

Domain/Path Name / Value
zippaidaustralia.top/ Name: PHPSESSID
Value: 1esvpurmuada50u1rapp14gqg6
zip-pay-australia.xyz/ Name: PHPSESSID
Value: dv1a0mdnprr0k61r6otpcik94n
.zip.co/ Name: __cf_bm
Value: rmJh3jfXcmrGL73oX9xvaP47q0Ai0bguMgpCdISuqQI-1698898098-0-AUMm2qdD7hcXe7Va0BzHer48zIly8cG+6vzLgOSGn+7VDp6LBbbK6bJbegTKVfL1/eA5wAk1W2HkM3koV+EzFEo=

4 Console Messages

Source Level URL
Text
javascript warning URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js(Line 12)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bootcdn.net/ajax/libs/jquery/3.5.0/jquery.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://zip-pay-australia.xyz/web/page/pre_static/js/init.js(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bootcdn.net/ajax/libs/layer/3.5.1/layer.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcdn.net
fonts.googleapis.com
zip-co-media.imgix.net
zip-pay-australia.xyz
zip.co
zippaidaustralia.top
122.189.171.55
172.245.56.83
172.253.118.95
172.64.150.121
192.3.105.58
199.232.46.208
039c747b73e5d82e52f8e42fd9bc05ea4f07d332daa665188bb3d333f0cd9ea2
0b27dd509c684455598356a0473810d21c371089655dfeccb70677b5a32c4582
190a4913a44051e3ebb99df616c4d3016cdd27fc7e16611176ad578596fb7a48
1bcac09d507a68a066f174444cf322ef7735ae2b489c9b826d7c3e100d85fcac
1ff444cceebf1a65606c5cbe7f07dba8115f89d568bd39be199aa6639901b190
3f365882ac35da065764f2c7c51b7ed6c8a02eeafff73b0dfcf81a5d4b41e4e2
4ecbf233300985446c71feacb04d139a6940b6c2ba16c434498c3a57bc2c6dc1
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
6d6945576dd28ec5c9900821ad7521df4d0c1762c5488438e47f325b9f76134b
79f81db16af59ea9b1ac3432f020130253ff8b808b4de429e376329cb9af92f5
8c0f4c9d4fc6261090560d7d3f3ec13d59426b8a1c865ede53b02fc2c289cf45
922197bcd21c400246acb6ba098d2ad8073697c670674e820848acc664d99d5f
939867041a200220f80352cdc98e54c825b55430e04ca0797bff772dca007f38
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37
b0f29c588d8a444287b26ac07c04f760aab221b7c1b9252b29402f14902e02d5
b4ee6ebf00ffa2d3e2fa1ce7097c589068cb6447175967dddf181097b7dd3425
c2d8266316fdf7baebdf263c98bf0bce6f5c4bbb00c6b487e8f95690f2b8e055
c6d2ffc882cde73789bef646bc310c93b62184c8d0573aeceab4709ac0ea57ca
e5a3a3fbb9721fcc8907e4c40d2f11cf52e2e714c14321c865a9c03a0750cb09
e5b217be8a5bf6a34908c89d0fe1cd7ba679e78f84a4df58f6f28090e654835f