urlscan.io logo urlscan.io
SecurityTrails logo

api-ea.private.zscaler.com Open in urlscan Pro
54.201.108.98  Public Scan

Go To Rescan Add Verdict Report
URL: https://api-ea.private.zscaler.com/
Submission: On August 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 54.201.108.98, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is api-ea.private.zscaler.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 25th 2022. Valid for: a year.
This is the only time api-ea.private.zscaler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 54.201.108.98 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2
Apex Domain
Subdomains		 Transfer
7 zscaler.com
api-ea.private.zscaler.com
2 MB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
1 KB
8 2
Domain Requested by
7 api-ea.private.zscaler.com api-ea.private.zscaler.com
1 fonts.googleapis.com api-ea.private.zscaler.com
8 2

This site contains no links.

Subject Issuer Validity Valid
api-ea.private.zscaler.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-25 -
2023-08-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://api-ea.private.zscaler.com/
Frame ID: F89BD565F91F34919A01BF96FF7E73B3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Swagger UI

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1566 kB
Transfer

1571 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
api-ea.private.zscaler.com/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-ea.private.zscaler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
45fe2a8d7b46ad5416e24b374d6321bd1154ff6d7402cb4d62922333b97c682f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store
content-language
de-DE
content-length
4766
content-type
text/html;charset=iso-8859-1
date
Thu, 17 Aug 2023 15:23:42 GMT
last-modified
Wed, 02 Aug 2023 20:24:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-frame-options
DENY
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Source+Code+Pro:300,600|Titillium+Web:400,600,700
Requested by
Host: api-ea.private.zscaler.com
URL: https://api-ea.private.zscaler.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
214bef842a898702d6d028b89e6a2157e74f8f5e03f4d68674e82900d17ac20c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-ea.private.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 15:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 15:23:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 15:23:42 GMT
swagger-ui.css
api-ea.private.zscaler.com/ 		142 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-ea.private.zscaler.com/swagger-ui.css
Requested by
Host: api-ea.private.zscaler.com
URL: https://api-ea.private.zscaler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c00d0b59d8ca722d90e6eaabd495a934709499ee5d69bd0ea601969cc4b0ff20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-ea.private.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:23:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 02 Aug 2023 20:24:05 GMT
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
cache-control
no-store
accept-ranges
bytes
content-length
145023
config.js
api-ea.private.zscaler.com/ 		86 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-ea.private.zscaler.com/config.js
Requested by
Host: api-ea.private.zscaler.com
URL: https://api-ea.private.zscaler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2fb46a42c5973e38280b362c626413f26e60cf16be4e51c175fe05fd5784d896
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-ea.private.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:23:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 08 Aug 2023 07:27:42 GMT
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
cache-control
no-store
accept-ranges
bytes
content-length
86
swagger-ui-bundle.js
api-ea.private.zscaler.com/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-ea.private.zscaler.com/swagger-ui-bundle.js
Requested by
Host: api-ea.private.zscaler.com
URL: https://api-ea.private.zscaler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
40196f4d623528299b2b06ed35ffef75217235b962964c7de19260adf4078b3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-ea.private.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:23:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 02 Aug 2023 20:24:05 GMT
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
cache-control
no-store
accept-ranges
bytes
content-length
1085789
swagger-zs-layout-preset.js
api-ea.private.zscaler.com/ 		325 KB
326 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-ea.private.zscaler.com/swagger-zs-layout-preset.js
Requested by
Host: api-ea.private.zscaler.com
URL: https://api-ea.private.zscaler.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e5a35eeeb69be4a9b4ccf18c539cfef8a4610a012cc002d77c601c488c498822
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-ea.private.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:23:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 02 Aug 2023 20:24:05 GMT
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
cache-control
no-store
accept-ranges
bytes
content-length
332692
api-docs
api-ea.private.zscaler.com/v2/ 		97 B
692 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-ea.private.zscaler.com/v2/api-docs
Requested by
Host: api-ea.private.zscaler.com
URL: https://api-ea.private.zscaler.com/swagger-ui-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
91b1c799a5861fff00b64e9dee21f538d41e6bf91b81110d2e13e30e67decb66
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json,*/*
Referer
https://api-ea.private.zscaler.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 15:23:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; upgrade-insecure-requests
x-frame-options
DENY
cache-control
no-store
content-length
97
x-xss-protection
0
expires
0
zscaler.png
api-ea.private.zscaler.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-ea.private.zscaler.com/zscaler.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.108.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-108-98.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
5b7fe86920ec1dab6ed823fad0cdbd9b11aa329c88f16b596c46f9605b094b39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-ea.private.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:23:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 02 Aug 2023 20:24:05 GMT
x-frame-options
DENY
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/png
cache-control
no-store
accept-ranges
bytes
content-length
27421

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| config object| regeneratorRuntime function| SwaggerUIBundle object| SwaggerZSpreset object| versions object| ui

2 Cookies

Domain/Path Name / Value
api-ea.private.zscaler.com/ Name: AWSALB
Value: zkQ30NHhjmB5no54zcYk089U63IynCToUlkQjq5FlpC29vjCbAOl9Eyu9/wFb7buH/ey52iV2xny+ketPZRnlBd6ng7vk9WqgvTx+khd2AHEcSqAwYwf8mgcxtUb
api-ea.private.zscaler.com/ Name: AWSALBCORS
Value: zkQ30NHhjmB5no54zcYk089U63IynCToUlkQjq5FlpC29vjCbAOl9Eyu9/wFb7buH/ey52iV2xny+ketPZRnlBd6ng7vk9WqgvTx+khd2AHEcSqAwYwf8mgcxtUb

1 Console Messages

Source Level URL
Text
network error URL: https://api-ea.private.zscaler.com/v2/api-docs
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY