zcodesystem.com Open in urlscan Pro
23.88.81.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://staging.rwitter.com/
Effective URL:
https://zcodesystem.com/?hop=burnntbarb&hopId=40b8cf16-6b0d-4c1f-9f01-38905e5070ec
Submission Tags: @phishunt_io
Submission: On July 18 via api (July 18th 2024, 2:57:31 pm UTC) from DE — Scanned from US

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 113 HTTP transactions. The main IP is 23.88.81.24, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is zcodesystem.com.
TLS certificate: Issued by R10 on July 12th 2024. Valid for: 3 months.

This is the only time zcodesystem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.247.81.50 104.247.81.50	206834 (TEAMINTER...) (TEAMINTERNET-CA-AS)
1	2600:9000:244... 2600:9000:244d:6a00:1d:4618:5c80:21	16509 (AMAZON-02) (AMAZON-02)
2	44.194.155.73 44.194.155.73	14618 (AMAZON-AES) (AMAZON-AES)
1 2	15.197.224.234 15.197.224.234	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	95.217.202.210 95.217.202.210	24940 (HETZNER-AS) (HETZNER-AS)
1 1	100.20.79.168 100.20.79.168	16509 (AMAZON-02) (AMAZON-02)
30	23.88.81.24 23.88.81.24	24940 (HETZNER-AS) (HETZNER-AS)
113	8

4 104.247.81.50 (Canada)

ASN206834 (TEAMINTERNET-CA-AS, DE)

staging.rwitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244d:6a00:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.155.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-155-73.compute-1.amazonaws.com

tanis-ats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.224.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

starchoice-1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.starvalue-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.202.210 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server.zeep.ly

zeep.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.79.168 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-79-168.us-west-2.compute.amazonaws.com

9eb5f66f09u2qkjxqlf17xtvck.hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 23.88.81.24 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server4.zcodesystem.com

zcodesystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	zcodesystem.com zcodesystem.com	329 KB
4	rwitter.com staging.rwitter.com	4 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 61574 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 17559	90 KB
2	starchoice-1.online 1 redirects starchoice-1.online — Cisco Umbrella Rank: 316472	21 KB
2	tanis-ats.com tanis-ats.com — Cisco Umbrella Rank: 304284	4 KB
1	clickbank.net 1 redirects 9eb5f66f09u2qkjxqlf17xtvck.hop.clickbank.net cbtb.clickbank.net Failed	632 B
1	zeep.ly 1 redirects zeep.ly — Cisco Umbrella Rank: 450429	540 B
1	starvalue-2.online 1 redirects xml-v4.starvalue-2.online — Cisco Umbrella Rank: 62288	175 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
0	ywxi.net Failed cdn.ywxi.net Failed
113	10

	Domain	Requested by
30	zcodesystem.com	starchoice-1.online zcodesystem.com
4	staging.rwitter.com	d38psrni17bvxu.cloudfront.net staging.rwitter.com
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	starchoice-1.online	1 redirects tanis-ats.com
2	tanis-ats.com	staging.rwitter.com tanis-ats.com
1	9eb5f66f09u2qkjxqlf17xtvck.hop.clickbank.net	1 redirects
1	zeep.ly	1 redirects
1	xml-v4.starvalue-2.online	1 redirects
1	cdn.perfdrive.com	starchoice-1.online
1	d38psrni17bvxu.cloudfront.net	staging.rwitter.com
0	cdn.ywxi.net Failed	zcodesystem.com
0	cbtb.clickbank.net Failed	zcodesystem.com
113	12

This site contains no links.

Subject Issuer	Validity	Valid
staging.rwitter.com R10	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
tanis-ats.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-31`	a year	crt.sh
starchoice-1.online Amazon RSA 2048 M02	`2024-07-03` - `2025-08-01`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-09-21` - `2024-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
zcodesystem.com R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zcodesystem.com/?hop=burnntbarb&hopId=40b8cf16-6b0d-4c1f-9f01-38905e5070ec
Frame ID: 6AE02B30D6C6D8DF24A77A1FBF27D794
Requests: 113 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://staging.rwitter.com/ Page URL
http://tanis-ats.com/zclkvisitor/05b24166-4516-11ef-ad92-12b3a0972c85/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
https://tanis-ats.com/zclkvisitor/05b24166-4516-11ef-ad92-12b3a0972c85/85aefdc2-9ed0-48aa-922d-60f... Page URL
https://tanis-ats.com/zclkredirect?visitid=05b24166-4516-11ef-ad92-12b3a0972c85&type=js&browserWid... Page URL
http://starchoice-1.online/api/v1/px?xmlid=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx HTTP 307
https://starchoice-1.online/api/v1/px?xmlid=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx Page URL
https://starchoice-1.online/api/v1/pxcheck?impId=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx&minfo=eyJjb29r... HTTP 302
http://xml-v4.starvalue-2.online/click?seat=2947035&i=JkTacVB6wL4_0 HTTP 307
https://xml-v4.starvalue-2.online/click?seat=2947035&i=JkTacVB6wL4_0 HTTP 302
https://zeep.ly/AtloQ HTTP 301
https://9eb5f66f09u2qkjxqlf17xtvck.hop.clickbank.net/ HTTP 307
https://zcodesystem.com/?hop=burnntbarb&hopId=40b8cf16-6b0d-4c1f-9f01-38905e5070ec Page URL

Detected technologies

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

113
Requests

36 %
HTTPS

10 %
IPv6

10
Domains

12
Subdomains

8
IPs

4
Countries

449 kB
Transfer

2431 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://staging.rwitter.com/ Page URL
http://tanis-ats.com/zclkvisitor/05b24166-4516-11ef-ad92-12b3a0972c85/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=05c7ec43-4516-11ef-ad92-12b3a0972c85 HTTP 307
https://tanis-ats.com/zclkvisitor/05b24166-4516-11ef-ad92-12b3a0972c85/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=05c7ec43-4516-11ef-ad92-12b3a0972c85 Page URL
https://tanis-ats.com/zclkredirect?visitid=05b24166-4516-11ef-ad92-12b3a0972c85&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu Page URL
http://starchoice-1.online/api/v1/px?xmlid=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx HTTP 307
https://starchoice-1.online/api/v1/px?xmlid=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx Page URL
https://starchoice-1.online/api/v1/pxcheck?impId=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9zdGFyY2hvaWNlLTEub25saW5lL2FwaS92MS9weD94bWxpZD10ZVZ4T0Iwbk5nMlhFVnkwTlBnTFRQNzhPMjg4MGM0OWNXeDJzREZ4IiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
http://xml-v4.starvalue-2.online/click?seat=2947035&i=JkTacVB6wL4_0 HTTP 307
https://xml-v4.starvalue-2.online/click?seat=2947035&i=JkTacVB6wL4_0 HTTP 302
https://zeep.ly/AtloQ HTTP 301
https://9eb5f66f09u2qkjxqlf17xtvck.hop.clickbank.net/ HTTP 307
https://zcodesystem.com/?hop=burnntbarb&hopId=40b8cf16-6b0d-4c1f-9f01-38905e5070ec Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://tanis-ats.com/zclkvisitor/05b24166-4516-11ef-ad92-12b3a0972c85/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=05c7ec43-4516-11ef-ad92-12b3a0972c85 HTTP 307
https://tanis-ats.com/zclkvisitor/05b24166-4516-11ef-ad92-12b3a0972c85/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=05c7ec43-4516-11ef-ad92-12b3a0972c85

Request Chain 7

http://starchoice-1.online/api/v1/px?xmlid=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx HTTP 307
https://starchoice-1.online/api/v1/px?xmlid=teVxOB0nNg2XEVy0NPgLTP78O2880c49cWx2sDFx

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
staging.rwitter.com/ 2 KB
2 KB 997ms
423ms Document
text/html 104.247.81.50
TEAMINTERNET-CA-AS

General

Domain/Path	Expires	Name / Value
.starchoice-1.online/	1970-01-21 02:27:46	Name: __ssds Value: 2
.starchoice-1.online/	1970-01-21 02:27:46	Name: __ssuzjsr2 Value: a9be0cd8e
.starchoice-1.online/	1970-01-21 02:27:46	Name: __uzmaj2 Value: 5f1db4d0-4e4d-4f00-bce8-d9b2d7038757
.starchoice-1.online/	1970-01-21 02:27:46	Name: __uzmbj2 Value: 1721314638
.starchoice-1.online/	1970-01-21 02:27:46	Name: __uzmcj2 Value: 724421087158
.starchoice-1.online/	1970-01-21 02:27:46	Name: __uzmdj2 Value: 1721314638
.starchoice-1.online/	1970-01-21 02:27:46	Name: __uzmlj2 Value: XoAKkq4yzSHBCaIWUFCwgEwX3dsl1EUUckq+YJ8FxVI=
.starchoice-1.online/	1970-01-21 02:27:46	Name: __uzmfj2 Value: 7f6000cdd81b5c-c994-4e7a-9fd7-a902a6c068d417213146380890-ebbdb2c8f1989a3d10
zeep.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1e2ae135dd68e36c6d4f506088816bbe
zeep.ly/	1970-01-20 22:08:35	Name: short_460859 Value: 1
.clickbank.net/	1970-01-21 06:54:10	Name: q Value: 01.E25678B453437C7972180D4B40741298E470A6B3C6F7AF661D9E24A78544224ACD428145F97848CBE4DBF87343747BB4FC1A97D5
zcodesystem.com/	1970-01-21 06:54:10	Name: ClearBrData00001 Value: 1
zcodesystem.com/	1970-01-20 22:18:39	Name: PHPSESSID Value: ec0802d9256791300c2df44c5470c21c
.zcodesystem.com/	1970-01-21 06:54:10	Name: language Value: en
zcodesystem.com/	1970-01-21 07:44:34	Name: INDEXNO Value: 1
zcodesystem.com/	1969-12-31 23:59:59	Name: zc_aff_id Value: 0
zcodesystem.com/	1969-12-31 23:59:59	Name: zc_aff_src_id Value: 0

zcodesystem.com Open in urlscan Pro 23.88.81.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

36 %HTTPS

10 %IPv6

10 Domains

12 Subdomains

8 IPs

4 Countries

449 kBTransfer

2431 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zcodesystem.com Open in urlscan Pro
23.88.81.24 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

36 %
HTTPS

10 %
IPv6

10
Domains

12
Subdomains

8
IPs

4
Countries

449 kB
Transfer

2431 kB
Size

17
Cookies

113 HTTP transactions
0 data transactions