auth.zto.com Open in urlscan Pro
154.85.69.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://auth.zto.com/
Effective URL:
https://auth.zto.com/
Submission: On July 04 via manual (July 4th 2023, 2:40:46 pm UTC) from GB — Scanned from GB

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 154.85.69.10, located in Seychelles and belongs to LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG. The main domain is auth.zto.com.
TLS certificate: Issued by TrustAsia RSA OV TLS CA G2 on October 19th 2022. Valid for: a year.

This is the only time auth.zto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.85.69.4 154.85.69.4	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
5	154.85.69.10 154.85.69.10	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
2	115.238.232.58 115.238.232.58	58461 (CT-HANGZH...) (CT-HANGZHOU-IDC No.288)
2	140.143.52.226 140.143.52.226	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
9	3

1 154.85.69.4 (Seychelles) 1 redirects

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

auth.zto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 154.85.69.10 (Seychelles)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

auth.zto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.238.232.58 (Ningbo, China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)

hdgateway.zto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.143.52.226 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

beacon.tingyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	zto.com 1 redirects auth.zto.com hdgateway.zto.com — Cisco Umbrella Rank: 863775	53 KB
2	tingyun.com beacon.tingyun.com — Cisco Umbrella Rank: 98535	471 B
9	2

	Domain	Requested by
6	auth.zto.com	1 redirects auth.zto.com
2	beacon.tingyun.com	auth.zto.com
2	hdgateway.zto.com	auth.zto.com
9	3

This site contains no links.

Subject Issuer	Validity	Valid
*.zto.com TrustAsia RSA OV TLS CA G2	`2022-10-19` - `2023-11-18`	a year	crt.sh
*.tingyun.com GlobalSign RSA OV SSL CA 2018	`2022-11-04` - `2023-12-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.zto.com/
Frame ID: 6C7D65BE3D92FC6024E846E2DDD23ACB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://auth.zto.com/ HTTP 302
https://auth.zto.com/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

54 kB
Transfer

51 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://auth.zto.com/ HTTP 302
https://auth.zto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response auth.zto.com/ Redirect Chain http://auth.zto.com/ https://auth.zto.com/	538 B 923 B	375ms 286ms	Document text/html	154.85.69.10 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://auth.zto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.10 , Seychelles, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software nginx/1.18.0 / Resource Hash `df9975cd94e7241e0a0f6a5fc4bc7f037bca539bcb094aa89635552659614755` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache Connection keep-alive Content-Length 538 Content-Type text/html Date Tue, 04 Jul 2023 14:40:40 GMT ETag "62fe0536-21a" Last-Modified Thu, 18 Aug 2022 09:24:06 GMT Server nginx/1.18.0 X-Ser BC156_dx-lt-yd-zhejiang-wenzhou-11-cache-7, BC231_FR-Paris-Paris-3-cache-1, BC6_DE-Frankfurt-Frankfurt-11-cache-1 Redirect headers Connection keep-alive Content-Length 0 Date Tue, 04 Jul 2023 14:40:40 GMT Location https://auth.zto.com/ Server web cache
GET H/1.1	200 OK	tingyun-rum.js Show response auth.zto.com/plugin/	25 KB 26 KB	751ms 750ms	Script application/javascript	154.85.69.10 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://auth.zto.com/plugin/tingyun-rum.js Requested by Host: auth.zto.com URL: https://auth.zto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.10 , Seychelles, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software nginx/1.18.0 / Resource Hash `102a5de27d2ea598f6c1b3f15af438d370a384c5291d436a88c393c904a50e3b` Request headers accept-language en-GB,en;q=0.9 Referer https://auth.zto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 14:40:41 GMT Last-Modified Thu, 18 Aug 2022 09:24:06 GMT Server nginx/1.18.0 ETag "62fe0536-6595" Content-Type application/javascript Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 26005 X-Ser BC179_dx-lt-yd-zhejiang-jinhua-12-cache-2, BC231_FR-Paris-Paris-3-cache-1, BC4_DE-Frankfurt-Frankfurt-11-cache-1
GET H/1.1	200 OK	axios.min.js Show response auth.zto.com/plugin/	13 KB 13 KB	405ms 320ms	Script application/javascript	154.85.69.10 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://auth.zto.com/plugin/axios.min.js Requested by Host: auth.zto.com URL: https://auth.zto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.10 , Seychelles, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software nginx/1.18.0 / Resource Hash `03cdc51eddb62db48e3d837d746b3be21fc9d23a9cdd365aa4752995fdaeba92` Request headers accept-language en-GB,en;q=0.9 Referer https://auth.zto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 14:40:41 GMT Last-Modified Thu, 18 Aug 2022 09:24:06 GMT Server nginx/1.18.0 ETag "62fe0536-32b3" Content-Type application/javascript Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 12979 X-Ser BC170_dx-lt-yd-jiangsu-yancheng-8-cache-5, BC227_FR-Paris-Paris-3-cache-1, BC3_DE-Frankfurt-Frankfurt-11-cache-1
GET H/1.1	200 OK	zto-a63757ba4c.js Show response auth.zto.com/public/js/	10 KB 10 KB	1160ms 1074ms	Script application/javascript	154.85.69.10 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://auth.zto.com/public/js/zto-a63757ba4c.js Requested by Host: auth.zto.com URL: https://auth.zto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.10 , Seychelles, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software nginx/1.18.0 / Resource Hash `481a96b9f336a8d236a8eefa88bf6d19d8c6bf1bbbae5e0be6d6c551f19c5705` Request headers accept-language en-GB,en;q=0.9 Referer https://auth.zto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 14:40:41 GMT Last-Modified Thu, 18 Aug 2022 09:24:06 GMT Server nginx/1.18.0 ETag "62fe0536-27dd" Content-Type application/javascript Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 10205 X-Ser BC171_dx-lt-yd-jiangsu-yancheng-8-cache-5, BC130_IT-Lombardia-Milan-1-cache-1, BC4_DE-Frankfurt-Frankfurt-11-cache-1
GET H/1.1	200 OK	index-3a8ba9b305.js Show response auth.zto.com/public/js/	2 KB 3 KB	329ms 244ms	Script application/javascript	154.85.69.10 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://auth.zto.com/public/js/index-3a8ba9b305.js Requested by Host: auth.zto.com URL: https://auth.zto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.10 , Seychelles, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software nginx/1.18.0 / Resource Hash `2d49f8b8ca635a890becf2ae03e5b8385c4503fd4b9aaf2f2cad67af8d118843` Request headers accept-language en-GB,en;q=0.9 Referer https://auth.zto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 14:40:41 GMT Last-Modified Thu, 18 Aug 2022 09:24:06 GMT Server nginx/1.18.0 ETag "62fe0536-909" Content-Type application/javascript Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 2313 X-Ser BC140_dx-lt-yd-zhejiang-huzhou-3-cache-5, BC231_FR-Paris-Paris-3-cache-1, BC7_DE-Frankfurt-Frankfurt-11-cache-1
POST H/1.1	200 OK	auth_openAuth_checkAuthParameter Show response hdgateway.zto.com/	86 B 398 B	213ms 212ms	XHR application/json	115.238.232.58 CT-HANGZHOU-IDC N...
General Check archive.org Show headers Download Go to Full URL https://hdgateway.zto.com/auth_openAuth_checkAuthParameter Requested by Host: auth.zto.com URL: https://auth.zto.com/plugin/tingyun-rum.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 115.238.232.58 Ningbo, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN), Reverse DNS Software / Resource Hash `7bebb536e30591fac5f17223968e51e088fb0677eb7f2614695c7ad3808445cb` Request headers Accept application/json, text/plain, / Referer https://auth.zto.com/ x-token null x-clientCode pc accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Access-Control-Allow-Origin https://auth.zto.com Access-Control-Expose-Headers X-Request-Id Date Tue, 04 Jul 2023 14:40:42 GMT Access-Control-Allow-Credentials true Content-Length 86 X-Request-Id GATEWAY_HD-0a05d6cf-469022-937297,null Content-Type application/json;charset=UTF-8
OPTIONS H/1.1	200 OK	auth_openAuth_checkAuthParameter hdgateway.zto.com/	0 0	1004ms 212ms	Preflight text/plain	115.238.232.58 CT-HANGZHOU-IDC N...
General Check archive.org Show headers Download Go to Full URL https://hdgateway.zto.com/auth_openAuth_checkAuthParameter Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 115.238.232.58 Ningbo, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type,x-clientcode,x-token Access-Control-Request-Method POST Origin https://auth.zto.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type,x-clientcode,x-token Access-Control-Allow-Origin https://auth.zto.com Access-Control-Expose-Headers X-Request-Id Content-Length 0 Content-Type text/plain; charset=utf-8 Date Tue, 04 Jul 2023 14:40:42 GMT
POST H2	200	pf beacon.tingyun.com/	0 236 B	1613ms 1108ms	Ping text/plain	140.143.52.226 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://beacon.tingyun.com/pf?pvid=4e18f9ab-a4bf-4edf-b4c3-7f39a081635e&ref=https%3A%2F%2Fauth.zto.com%2F&referrer=&key=NWkMGyIiOMI&v=1.7.5&av=1.7.5&did=f1fbd29d-4505-487d-948a-6e5264a930a3&sid=47ab54f1-e973-4bc9-aefe-45031c7546bb&f=1536&qs=1625&rs=1911&re=1912&os=3088&oe=3088&oi=3088&oc=3088&ls=3088&le=3088&tus=0&tue=0&cs=1537&ce=1625&fp=2677&sl=1579&je=0&sh=1200&sw=1600&__fp=2&dr=3088&fs=2677&trflag=0000&__r=1688481642067 Requested by Host: auth.zto.com URL: https://auth.zto.com/plugin/tingyun-rum.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.143.52.226 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://auth.zto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 04 Jul 2023 14:40:43 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type text/plain access-control-allow-origin * access-control-allow-headers accept, content-type, classname
POST H2	200	xhr1 beacon.tingyun.com/	0 235 B	894ms 894ms	Ping text/plain	140.143.52.226 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://beacon.tingyun.com/xhr1?pvid=4e18f9ab-a4bf-4edf-b4c3-7f39a081635e&ref=https%3A%2F%2Fauth.zto.com%2F&referrer=&key=NWkMGyIiOMI&v=1.7.5&av=1.7.5&did=f1fbd29d-4505-487d-948a-6e5264a930a3&sid=47ab54f1-e973-4bc9-aefe-45031c7546bb&__r=1688481643679 Requested by Host: auth.zto.com URL: https://auth.zto.com/plugin/tingyun-rum.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.143.52.226 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://auth.zto.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 04 Jul 2023 14:40:44 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type text/plain access-control-allow-origin * access-control-allow-headers accept, content-type, classname

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.zto.com/	1969-12-31 23:59:59	Name: TY_SESSION_ID Value: 47ab54f1-e973-4bc9-aefe-45031c7546bb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.zto.com
beacon.tingyun.com
hdgateway.zto.com
115.238.232.58
140.143.52.226
154.85.69.10
154.85.69.4
03cdc51eddb62db48e3d837d746b3be21fc9d23a9cdd365aa4752995fdaeba92
102a5de27d2ea598f6c1b3f15af438d370a384c5291d436a88c393c904a50e3b
2d49f8b8ca635a890becf2ae03e5b8385c4503fd4b9aaf2f2cad67af8d118843
481a96b9f336a8d236a8eefa88bf6d19d8c6bf1bbbae5e0be6d6c551f19c5705
7bebb536e30591fac5f17223968e51e088fb0677eb7f2614695c7ad3808445cb
df9975cd94e7241e0a0f6a5fc4bc7f037bca539bcb094aa89635552659614755
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

auth.zto.com Open in urlscan Pro 154.85.69.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

54 kBTransfer

51 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Indicators

auth.zto.com Open in urlscan Pro
154.85.69.10 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

54 kB
Transfer

51 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions