books.zohosecure.eu Open in urlscan Pro
185.230.212.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clients.bricktown.co.uk/
Effective URL:
https://books.zohosecure.eu/portal/bricktownclients/login
Submission: On August 16 via automatic, source certstream-suspicious (August 16th 2024, 12:33:14 pm UTC) — Scanned from GB

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 7 domains to perform 23 HTTP transactions. The main IP is 185.230.212.19, located in Netherlands and belongs to ZOHO-EU, NL. The main domain is books.zohosecure.eu.
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.

This is the only time books.zohosecure.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	35.214.118.104 35.214.118.104	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223d:ba00:5:acf3:db40:21	16509 (AMAZON-02) (AMAZON-02)
2 2	185.230.212.175 185.230.212.175	205111 (ZOHO-EU) (ZOHO-EU)
5	185.230.212.19 185.230.212.19	205111 (ZOHO-EU) (ZOHO-EU)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	89.36.170.147 89.36.170.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
23	6

4 35.214.118.104 (London, United Kingdom) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 104.118.214.35.bc.googleusercontent.com

clients.bricktown.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:ba00:5:acf3:db40:21 (United States)

ASN16509 (AMAZON-02, US)

d1rozh26tys225.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.230.212.175 (Netherlands) 2 redirects

ASN205111 (ZOHO-EU, NL)

books.zoho.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.230.212.19 (Netherlands)

ASN205111 (ZOHO-EU, NL)

books.zohosecure.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.36.170.147 (Schlierbach, Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
PTR: zoho-170-147.dub3.computerline.net

static.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	zohosecure.eu books.zohosecure.eu	23 KB
4	bricktown.co.uk 1 redirects clients.bricktown.co.uk	6 KB
2	zohocdn.com static.zohocdn.com — Cisco Umbrella Rank: 25979	45 KB
2	zoho.eu 2 redirects books.zoho.eu	711 B
2	cloudfront.net d1rozh26tys225.cloudfront.net	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
0	zoho.com Failed webfonts.zoho.com Failed
23	7

	Domain	Requested by
5	books.zohosecure.eu	clients.bricktown.co.uk books.zohosecure.eu
4	clients.bricktown.co.uk	1 redirects clients.bricktown.co.uk
2	static.zohocdn.com	books.zohosecure.eu
2	books.zoho.eu	2 redirects
2	d1rozh26tys225.cloudfront.net	clients.bricktown.co.uk
1	fonts.googleapis.com	books.zohosecure.eu
0	webfonts.zoho.com Failed	books.zohosecure.eu
23	7

This site contains links to these domains. Also see Links.

Domain
www.zoho.eu

Subject Issuer	Validity	Valid
*.clients.bricktown.co.uk R11	`2024-08-15` - `2024-11-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.zohosecure.eu R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-10` - `2024-10-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://books.zohosecure.eu/portal/bricktownclients/login
Frame ID: D135CDB32DE61372CFDAB15AD5663938
Requests: 16 HTTP requests in this frame

Frame: https://books.zohosecure.eu/accounts/signin?_sh=false&hideidp=true&dcc=true&portal=30009014786&client_portal=true&servicename=ZohoBooks&serviceurl=https://books.zohosecure.eu/portal/bricktownclients/index&service_language=en
Frame ID: 5385022FA82BB5D5DCEDBD09D22F4F70
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bricktown Ltd

Page URL History Show full URLs

https://clients.bricktown.co.uk/ Page URL
https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557 Page URL
https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzgxMTU5MDo3ODQ2NDU4ODpiNDIzODc3NzE... Page URL
https://clients.bricktown.co.uk/ HTTP 302
https://books.zoho.eu/portal/bricktownclients HTTP 302
https://books.zoho.eu/portal/bricktownclients/login HTTP 302
https://books.zohosecure.eu/portal/bricktownclients/login Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

57 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

80 kB
Transfer

254 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zoho.eu/books/
Title: Sign in

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clients.bricktown.co.uk/ Page URL
https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557 Page URL
https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzgxMTU5MDo3ODQ2NDU4ODpiNDIzODc3NzE3MzYyYjljNWMxODhkYmI0M2M4ZTMyYjQyMjlhOWY2MjcxMDFmZmRkNTQ3ZDkzOTk0NTM4YTUxOgIllcQ%3D&s=2208:459315 Page URL
https://clients.bricktown.co.uk/ HTTP 302
https://books.zoho.eu/portal/bricktownclients HTTP 302
https://books.zoho.eu/portal/bricktownclients/login HTTP 302
https://books.zohosecure.eu/portal/bricktownclients/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 202 / Show response
clients.bricktown.co.uk/ 170 B
420 B 150ms
30ms Document
text/html 35.214.118.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.bricktown.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.118.104 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 104.118.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 61cf231cee8b0ccf8ba740599daa6f5519980587ae2f20b4baf5b7dd148a75dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store,no-cache,max-age=0
content-length: 170
content-type: text/html
date: Fri, 16 Aug 2024 12:33:10 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
server: nginx
sg-captcha: challenge
x-proxy-cache-info: DT:1
x-robots-tag: noindex

GET
H2 200 / Show response
clients.bricktown.co.uk/.well-known/sgcaptcha/ 12 KB
5 KB 32ms
31ms Document
text/html 35.214.118.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.118.104 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 104.118.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9a97e8360d936b38a7f881dc608719e092a905c7eaea9709a28b44197abab21e

Request headers

Referer: https://clients.bricktown.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store,no-cache,max-age=0
content-encoding: br
content-type: text/html
date: Fri, 16 Aug 2024 12:33:10 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
server: nginx
sg-captcha: challenge
vary: Accept-Encoding
x-proxy-cache-info: DT:1
x-robots-tag: noindex

GET
H2 200 robot-suspicion.svg
d1rozh26tys225.cloudfront.net/ 5 KB
3 KB 137ms
43ms Image
image/svg+xml 2600:9000:223d:ba00:5:acf3:db40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rozh26tys225.cloudfront.net/robot-suspicion.svg
Requested by: Host: clients.bricktown.co.uk
URL: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ba00:5:acf3:db40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddb4a8fe630cda4853312bf576429166ca074167ec93d38b24fc80d166f52a34

Request headers

Referer: https://clients.bricktown.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 01:04:33 GMT
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
last-modified: Wed, 16 Aug 2023 13:41:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 43696
x-amz-server-side-encryption: AES256
etag: W/"bf95026d64faa61f93dcec8be1040417"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: RXIzomqlv2B3JJUdGIeyR1ClCALdK_PSHPkm-VK2YwO7Vltx2motfg==

GET
H2 200 loader.svg
d1rozh26tys225.cloudfront.net/ 846 B
1 KB 137ms
43ms Image
image/svg+xml 2600:9000:223d:ba00:5:acf3:db40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rozh26tys225.cloudfront.net/loader.svg
Requested by: Host: clients.bricktown.co.uk
URL: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ba00:5:acf3:db40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daed5f030b7d78e92c71aa05601d7bc94a8c59f4037363666f02e5611fc5de42

Request headers

Referer: https://clients.bricktown.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 05:08:26 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
last-modified: Wed, 16 Aug 2023 13:41:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 31389
x-amz-server-side-encryption: AES256
etag: "8946b767a9a283b2a0f3a62fd915020c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 846
x-amz-cf-id: 92UMBlRINsRrXJ4dgxmkjbB_VB5SSVyfDO8FnFRZUljc-amM8nCN0w==

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
BLOB 200
OK 26d7e9e4-5cc0-4354-911f-897207c9eb23
https://clients.bricktown.co.uk/ 8 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.bricktown.co.uk/26d7e9e4-5cc0-4354-911f-897207c9eb23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 7806
Content-Type: application/javascript

GET
H2 202 /
clients.bricktown.co.uk/.well-known/sgcaptcha/ 300 B
694 B 31ms
31ms Document
text/html 35.214.118.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzgxMTU5MDo3ODQ2NDU4ODpiNDIzODc3NzE3MzYyYjljNWMxODhkYmI0M2M4ZTMyYjQyMjlhOWY2MjcxMDFmZmRkNTQ3ZDkzOTk0NTM4YTUxOgIllcQ%3D&s=2208:459315
Requested by: Host: clients.bricktown.co.uk
URL: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.118.104 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 104.118.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&y=ipr:217.138.196.106:1723811590.557
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store,no-cache,max-age=0
content-length: 300
content-type: text/html
date: Fri, 16 Aug 2024 12:33:13 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
server: nginx
sg-captcha: challenge
x-proxy-cache-info: DT:1
x-robots-tag: noindex

GET
H/1.1

200

Primary Request login Show response
books.zohosecure.eu/portal/bricktownclients/
Redirect Chain

https://clients.bricktown.co.uk/
https://books.zoho.eu/portal/bricktownclients
https://books.zoho.eu/portal/bricktownclients/login
https://books.zohosecure.eu/portal/bricktownclients/login

4 KB
2 KB

330ms
111ms

Document
text/html

185.230.212.19
ZOHO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://books.zohosecure.eu/portal/bricktownclients/login

Requested by

Host: clients.bricktown.co.uk
URL: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzgxMTU5MDo3ODQ2NDU4ODpiNDIzODc3NzE3MzYyYjljNWMxODhkYmI0M2M4ZTMyYjQyMjlhOWY2MjcxMDFmZmRkNTQ3ZDkzOTk0NTM4YTUxOgIllcQ%3D&s=2208:459315

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.19 , Netherlands, ASN205111 (ZOHO-EU, NL),

Reverse DNS

Software

ZGS /

Resource Hash

7e7bb9cbde7e3c9242f1dd0aa98224ac9f538221d188989d5e7b1c682689daf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://clients.bricktown.co.uk/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzgxMTU5MDo3ODQ2NDU4ODpiNDIzODc3NzE3MzYyYjljNWMxODhkYmI0M2M4ZTMyYjQyMjlhOWY2MjcxMDFmZmRkNTQ3ZDkzOTk0NTM4YTUxOgIllcQ%3D&s=2208:459315
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 16 Aug 2024 12:33:13 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: ZGS
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
vary: accept-encoding

Redirect headers

cache-control: private,no-cache,no-store,max-age=0,must-revalidate
content-length: 0
date: Fri, 16 Aug 2024 12:33:13 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://books.zohosecure.eu:443/portal/bricktownclients/login
pragma: no-cache
server: ZGS
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY

GET css
webfonts.zoho.com/ 0
0

GET
H/1.1 200 invoicelogo
books.zohosecure.eu/portal/bricktownclients/api/v3/loginpage/ 14 KB
15 KB 79ms
79ms Image
image/png 185.230.212.19
ZOHO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://books.zohosecure.eu/portal/bricktownclients/api/v3/loginpage/invoicelogo

Requested by

Host: books.zohosecure.eu
URL: https://books.zohosecure.eu/portal/bricktownclients/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.19 , Netherlands, ASN205111 (ZOHO-EU, NL),

Reverse DNS

Software

ZGS /

Resource Hash

13cf55ba523d7c7ca988e22d0196fc71f3f47896e7d705f96a9f3b018af349f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Aug 2024 12:33:13 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Aug 2024 13:09:19.538 PDT
Server: ZGS
ETag: 1723752559538
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: image/png
Allow: OPTIONS, GET
Cache-Control: must-revalidate
Content-Disposition: attachment; filename=Invoicelogo_logox2.png
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 signin Show response
books.zohosecure.eu/accounts/ Frame 5385 5 KB
3 KB 69ms
64ms Document
text/html 185.230.212.19
ZOHO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://books.zohosecure.eu/accounts/signin?_sh=false&hideidp=true&dcc=true&portal=30009014786&client_portal=true&servicename=ZohoBooks&serviceurl=https://books.zohosecure.eu/portal/bricktownclients/index&service_language=en

Requested by

Host: books.zohosecure.eu
URL: https://books.zohosecure.eu/portal/bricktownclients/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.19 , Netherlands, ASN205111 (ZOHO-EU, NL),

Reverse DNS

Software

ZGS /

Resource Hash

e22c1f8135d5ba83d80eb8409e8788d974a01a49220cad31ce5676e38a9d5a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-GB
Content-Type: text/html;charset=UTF-8
Date: Fri, 16 Aug 2024 12:33:13 GMT
Server: ZGS
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
vary: accept-encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 5385 22 KB
2 KB 149ms
50ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin

Requested by

Host: books.zohosecure.eu
URL: https://books.zohosecure.eu/accounts/signin?_sh=false&hideidp=true&dcc=true&portal=30009014786&client_portal=true&servicename=ZohoBooks&serviceurl=https://books.zohosecure.eu/portal/bricktownclients/index&service_language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://books.zohosecure.eu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Aug 2024 12:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Aug 2024 12:33:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Aug 2024 12:33:14 GMT

GET
H2 200 jquery-3.6.0.min.8fb8fee4fcc3cc86ff6c724154c49c42.js Show response
static.zohocdn.com/iam/accounts/js/tplibs/jquery/ Frame 5385 87 KB
33 KB 330ms
155ms Script
application/javascript 89.36.170.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/iam/accounts/js/tplibs/jquery/jquery-3.6.0.min.8fb8fee4fcc3cc86ff6c724154c49c42.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

zoho-170-147.dub3.computerline.net

Software

ZGS /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://books.zohosecure.eu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 12:33:14 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 33287
last-modified: Fri, 14 Jul 2023 06:22:13 GMT
server: ZGS
nb-request-id: 34ebb08047c19dfd50d40345f87de3e6
etag: "60a72e2b1a799c1b9ec8c9ca2bfa9d17"
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-a93087f439be4492bf8c26dbea12f4ae
accept-ranges: bytes
timing-allow-origin: *

GET xregexp-all.2a67efb28253461665e6cd92f41b19b0.js
static.zohocdn.com/iam/accounts/js/tplibs/ Frame 5385 0
0

GET
H2 200 signin.min.95fe70635026e77983c6b7f073f56222.js Show response
static.zohocdn.com/iam/accounts/js/ Frame 5385 35 KB
12 KB 373ms
199ms Script
text/javascript 89.36.170.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/iam/accounts/js/signin.min.95fe70635026e77983c6b7f073f56222.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

zoho-170-147.dub3.computerline.net

Software

ZGS /

Resource Hash

38d5529b0279e50b6140d58fbba176e8af3fa0d068045d582a765c5005d53d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://books.zohosecure.eu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 12:33:14 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11491
last-modified: Fri, 05 Jul 2024 05:03:13 GMT
server: ZGS
nb-request-id: b4678e3c7a9f80c27615597d20987442
etag: "e9021a7ae6c5b0f20ecc6c005667381e"
vary: Accept-Encoding
content-language: en-US
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-1ea824b7da604a599f710a6a9ec1365f
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 signin.js Show response
books.zohosecure.eu/accounts/ Frame 5385 7 KB
3 KB 47ms
45ms Script
application/javascript 185.230.212.19
ZOHO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://books.zohosecure.eu/accounts/signin.js?servicename=ZohoBooks&serviceurl=https%3A%2F%2Fbooks.zohosecure.eu%2Fportal%2Fbricktownclients%2Findex&portal=30009014786&client_portal=true&service_language=en&dcc=true

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.19 , Netherlands, ASN205111 (ZOHO-EU, NL),

Reverse DNS

Software

ZGS /

Resource Hash

a3656416762daad8e21d051458455306e4d6ff504f0efe4816553ee3ee8c2f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://books.zohosecure.eu/accounts/signin?_sh=false&hideidp=true&dcc=true&portal=30009014786&client_portal=true&servicename=ZohoBooks&serviceurl=https://books.zohosecure.eu/portal/bricktownclients/index&service_language=en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Aug 2024 12:33:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Server: ZGS
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=UTF-8
vary: accept-encoding
Content-Language: en-GB
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 spacer.gif
books.zohosecure.eu/accounts/images/ Frame 5385 49 B
402 B 42ms
41ms Image
image/gif 185.230.212.19
ZOHO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://books.zohosecure.eu/accounts/images/spacer.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.19 , Netherlands, ASN205111 (ZOHO-EU, NL),

Reverse DNS

Software

ZGS /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://books.zohosecure.eu/accounts/signin?_sh=false&hideidp=true&dcc=true&portal=30009014786&client_portal=true&servicename=ZohoBooks&serviceurl=https://books.zohosecure.eu/portal/bricktownclients/index&service_language=en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 12:33:13 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Aug 2024 06:01:24 GMT
Server: ZGS
ETag: W/"49-1723615284000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webfonts.zoho.com
URL: https://webfonts.zoho.com/css?family=Nunito+Sans:300,400,600

Domain: static.zohocdn.com
URL: https://static.zohocdn.com/iam/accounts/js/tplibs/xregexp-all.2a67efb28253461665e6cd92f41b19b0.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clients.bricktown.co.uk/	1970-01-20 23:33:23	Name: _I_ Value: b7aa3a9e66d98c8700611c86fe9312756739db6129a6c6792676426ce76b8709-1723811593
books.zoho.eu/	1969-12-31 23:59:59	Name: zalb_24fdd52cf8 Value: e7678df2dca1d2c70e4d9fd091c12947
books.zoho.eu/	1969-12-31 23:59:59	Name: zbcscook Value: 56739d4b-3332-4a8c-89d1-404a9f162668
books.zoho.eu/	1969-12-31 23:59:59	Name: _zcsr_tmp Value: 56739d4b-3332-4a8c-89d1-404a9f162668
books.zohosecure.eu/	1969-12-31 23:59:59	Name: zalb_24fdd52cf8 Value: e7678df2dca1d2c70e4d9fd091c12947
books.zohosecure.eu/	1969-12-31 23:59:59	Name: zbcscook Value: dab39d62-af32-4106-a035-6a6a71b62124
books.zohosecure.eu/	1969-12-31 23:59:59	Name: zalb_15572833e6 Value: 8801272eb0fd78d8b4b6ed229cdf25d2
books.zohosecure.eu/	1969-12-31 23:59:59	Name: iamcsr Value: 67c65bf7-4291-4a58-909c-033317ddc596
books.zohosecure.eu/	1969-12-31 23:59:59	Name: _zcsr_tmp Value: 67c65bf7-4291-4a58-909c-033317ddc596
books.zohosecure.eu/	1969-12-31 23:59:59	Name: JSESSIONID Value: 497B948B860E26F2A749DABEFE402723

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

books.zoho.eu
books.zohosecure.eu
clients.bricktown.co.uk
d1rozh26tys225.cloudfront.net
fonts.googleapis.com
static.zohocdn.com
webfonts.zoho.com
static.zohocdn.com
webfonts.zoho.com
185.230.212.175
185.230.212.19
2600:9000:223d:ba00:5:acf3:db40:21
2a00:1450:4001:801::200a
35.214.118.104
89.36.170.147
13cf55ba523d7c7ca988e22d0196fc71f3f47896e7d705f96a9f3b018af349f4
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
38d5529b0279e50b6140d58fbba176e8af3fa0d068045d582a765c5005d53d5d
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac
61cf231cee8b0ccf8ba740599daa6f5519980587ae2f20b4baf5b7dd148a75dd
7e7bb9cbde7e3c9242f1dd0aa98224ac9f538221d188989d5e7b1c682689daf3
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9a97e8360d936b38a7f881dc608719e092a905c7eaea9709a28b44197abab21e
a3656416762daad8e21d051458455306e4d6ff504f0efe4816553ee3ee8c2f0f
daed5f030b7d78e92c71aa05601d7bc94a8c59f4037363666f02e5611fc5de42
ddb4a8fe630cda4853312bf576429166ca074167ec93d38b24fc80d166f52a34
e22c1f8135d5ba83d80eb8409e8788d974a01a49220cad31ce5676e38a9d5a17
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

books.zohosecure.eu Open in urlscan Pro 185.230.212.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

57 %HTTPS

33 %IPv6

7 Domains

7 Subdomains

6 IPs

5 Countries

80 kBTransfer

254 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

10 Cookies

Indicators

books.zohosecure.eu Open in urlscan Pro
185.230.212.19 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

57 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

80 kB
Transfer

254 kB
Size

10
Cookies

23 HTTP transactions
0 data transactions