shield.zijasecure.com Open in urlscan Pro
18.233.84.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zijasecure.com/
Effective URL:
https://shield.zijasecure.com/login.html?language=
Submission: On April 30 via manual (April 30th 2020, 12:22:22 am UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 18.233.84.74, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is shield.zijasecure.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 27th 2018. Valid for: 2 years.

This is the only time shield.zijasecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.55.1.62 52.55.1.62	14618 (AMAZON-AES) (AMAZON-AES)
6	18.233.84.74 18.233.84.74	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.111.229.247 104.111.229.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.214.224.204 67.214.224.204	29933 (OFF-CAMPU...) (OFF-CAMPUS-TELECOMMUNICATIONS)
5	161.71.1.37 161.71.1.37	14340 (SALESFORCE) (SALESFORCE)
13	5

2 52.55.1.62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-1-62.compute-1.amazonaws.com

zijasecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.233.84.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-84-74.compute-1.amazonaws.com

shield.zijasecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.247 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-247.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.214.224.204 (Provo, United States)

ASN29933 (OFF-CAMPUS-TELECOMMUNICATIONS, US)

files.zijainternational.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 161.71.1.37 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-lhr3.um3-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	zijasecure.com 1 redirects zijasecure.com shield.zijasecure.com	2 MB
5	force.com service.force.com	21 KB
1	zijainternational.com files.zijainternational.com	185 KB
1	typography.com 1 redirects cloud.typography.com	446 B
13	4

	Domain	Requested by
6	shield.zijasecure.com	shield.zijasecure.com
5	service.force.com	shield.zijasecure.com service.force.com
2	zijasecure.com	1 redirects
1	files.zijainternational.com	shield.zijasecure.com
1	cloud.typography.com	1 redirects
13	5

This site contains no links.

Subject Issuer	Validity	Valid
*.zijasecure.com COMODO RSA Domain Validation Secure Server CA	`2018-12-27` - `2020-12-26`	2 years	crt.sh
*.zijainternational.com DigiCert SHA2 Secure Server CA	`2019-09-07` - `2021-10-22`	2 years	crt.sh
*.um3.force.com DigiCert SHA2 Secure Server CA	`2018-06-24` - `2020-06-24`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://shield.zijasecure.com/login.html?language=
Frame ID: 8D6594FEFE9356D1EB153D8751311C9B
Requests: 18 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://shield.zijasecure.com/login.html?language=
Frame ID: 3EEBE1B304BF3E7A184B39FE4B469347
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zijasecure.com/ HTTP 301
https://zijasecure.com/ Page URL
https://shield.zijasecure.com/login.html?language= Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

2315 kB
Transfer

2677 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zijasecure.com/ HTTP 301
https://zijasecure.com/ Page URL
https://shield.zijasecure.com/login.html?language= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zijasecure.com/ HTTP 301
https://zijasecure.com/

Request Chain 1

https://cloud.typography.com/7686092/6716352/css/fonts.css HTTP 302
https://files.zijainternational.com/fonts/617800/3534954B17D361826.css

13 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set /
zijasecure.com/
Redirect Chain

http://zijasecure.com/
https://zijasecure.com/

159 B
616 B

476ms
170ms

Document
text/html

52.55.1.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zijasecure.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.55.1.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-1-62.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: zijasecure.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 30 Apr 2020 00:21:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 155
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
Set-Cookie: inSession=--index_corp.html----1577389383.65776--18521717112--; domain=.zijasecure.com; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-L: zija-master
Cache-Control: no-cache

Redirect headers

Server: nginx
Date: Thu, 30 Apr 2020 00:21:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://zijasecure.com/
X-L: zija-master
Cache-Control: no-cache

GET
H/1.1 200
OK Primary Request Cookie set login.html Show response
shield.zijasecure.com/ 13 KB
5 KB 641ms
228ms Document
text/html 18.233.84.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-84-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 68812cb65f754e9b032eadedd9742b59a1fab4906cb5c5900f85d11df79f411a

Request headers

Host: shield.zijasecure.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://zijasecure.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: inSession=--index_corp.html----1577389383.65776--18521717112--
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://zijasecure.com/

Response headers

Date: Thu, 30 Apr 2020 00:21:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 3943
Connection: keep-alive
Set-Cookie: AWSALB=MDB+vtvOCHh9stmESNsaiiSWYfr79Ct/wUbhVWaEGkY35lIy70UfWx1qSRR7DZPOgOq7khH0gqAfaxtWk3haknAh+TgAOgg2epneWAGoxOZtcyFMCVmsj1qyW2Mw; Expires=Thu, 07 May 2020 00:21:46 GMT; Path=/ AWSALBCORS=MDB+vtvOCHh9stmESNsaiiSWYfr79Ct/wUbhVWaEGkY35lIy70UfWx1qSRR7DZPOgOq7khH0gqAfaxtWk3haknAh+TgAOgg2epneWAGoxOZtcyFMCVmsj1qyW2Mw; Expires=Thu, 07 May 2020 00:21:46 GMT; Path=/; SameSite=None; Secure
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
Vary: Accept-Encoding
Content-Encoding: gzip
X-L: zija-master
Cache-Control: no-cache

GET
H/1.1

200
OK

3534954B17D361826.css
files.zijainternational.com/fonts/617800/
Redirect Chain

https://cloud.typography.com/7686092/6716352/css/fonts.css
https://files.zijainternational.com/fonts/617800/3534954B17D361826.css

247 KB
185 KB

438ms
140ms

Stylesheet
text/css

67.214.224.204
OFF-CAMPUS-TELECO...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.zijainternational.com/fonts/617800/3534954B17D361826.css
Requested by: Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.214.224.204 Provo, United States, ASN29933 (OFF-CAMPUS-TELECOMMUNICATIONS, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 7f9ad43a6b87af16ec2fa457b23da9796b44346ca8b1d1f42de12a6ac42d98f5

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 30 Apr 2020 00:21:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jul 2018 16:29:30 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3dcc4-57134734f2716-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Fri, 30 Apr 2021 00:21:20 GMT

Redirect headers

Date: Thu, 30 Apr 2020 00:21:48 GMT
Last-Modified: Fri, 03 Nov 2017 18:26:56 GMT
Server: AkamaiNetStorage
ETag: "ec69300c12db4f1ff495de1a394333bb:1565663264"
Content-Type: text/html
Location: https://files.zijainternational.com/fonts/617800/3534954B17D361826.css
Cache-Control: must-revalidate, private
Connection: keep-alive
X-HCo-pid: 14
Content-Length: 154
Expires: Thu, 30 April 2020 00:21:47 GMT

GET
H/1.1 200
OK login.2aa01a50c61650e08329.css
shield.zijasecure.com/dist/css/ 175 KB
28 KB 383ms
381ms Stylesheet
text/css 18.233.84.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://shield.zijasecure.com/dist/css/login.2aa01a50c61650e08329.css
Requested by: Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-84-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e8d345ef4515723a1947e1097b2af6a6fd12fb1b1a2d43e5bb4b6228bafb3707

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 30 Apr 2020 00:21:46 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
X-L: zija-master
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/css; charset=UTF-8
Content-Length: 27722

GET
H/1.1 200
OK zija-logo-full.svg
shield.zijasecure.com/zija/assets/img/ 6 KB
6 KB 324ms
108ms Image
image/svg+xml 18.233.84.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shield.zijasecure.com/zija/assets/img/zija-logo-full.svg
Requested by: Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-84-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a3e31bce2098012a760fc0c5a8f3b46ed924b52a23b1299579e420d1d7270858

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 30 Apr 2020 00:21:46 GMT
Last-Modified: Tue, 26 Mar 2019 18:11:51 GMT
Server: nginx
ETag: "5c9a6b67-1620"
Content-Type: image/svg+xml
X-L: zija-master
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5664

GET
H/1.1 200
OK login_scripts.df48a37e9d206a61a14f.js Show response
shield.zijasecure.com/dist/js/ 162 KB
51 KB 474ms
270ms Script
application/x-javascript 18.233.84.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://shield.zijasecure.com/dist/js/login_scripts.df48a37e9d206a61a14f.js
Requested by: Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-84-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e915fa4f33fc0e76d3ea9a0ad11988b283b43e556dae991d8ee7ee639cb7145d

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 30 Apr 2020 00:21:46 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
X-L: zija-master
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Content-Length: 51946

GET
H/1.1 200
OK login.4fada25200ebb1b71467.js Show response
shield.zijasecure.com/dist/js/ 4 KB
2 KB 337ms
122ms Script
application/x-javascript 18.233.84.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://shield.zijasecure.com/dist/js/login.4fada25200ebb1b71467.js
Requested by: Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-84-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 195fce8ad811503945bd55d8fc01395db7a444afa4dbe97b30b8bcf75815ffe8

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 30 Apr 2020 00:21:46 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
X-L: zija-master
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Content-Length: 1540

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 149ms
27ms Script
application/x-javascript 161.71.1.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 20:20:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 14475
Content-Length: 8409
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 26 Mar 2020 18:52:20 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Thu, 30 Apr 2020 20:20:31 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 28ms
27ms Script
application/x-javascript 161.71.1.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 13:34:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 38820
Content-Length: 979
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Thu, 30 Apr 2020 13:34:49 GMT

GET
H/1.1 200
OK homepage-header-desktop-4000x2250.png
shield.zijasecure.com/dist/img/ 2 MB
2 MB 261ms
260ms Image
image/png 18.233.84.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shield.zijasecure.com/dist/img/homepage-header-desktop-4000x2250.png
Requested by: Host: shield.zijasecure.com
URL: https://shield.zijasecure.com/login.html?language=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-84-74.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fe944f364e143003bb653ef99ea070de254dd4aaf83f2b3bf83c890d9bfe951e

Request headers

Referer: https://shield.zijasecure.com/dist/css/login.2aa01a50c61650e08329.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 30 Apr 2020 00:21:49 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
X-L: zija-master
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/png; charset=UTF-8

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b469c95ae3cf580e7a5eb45081f5d06dadc29c6fc27e9019363a821113fe3c4a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://shield.zijasecure.com

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f66028fe193bafd5458b85039e9ce80edb9a5f3cdacb780a684b038e25fe422

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://shield.zijasecure.com

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f4695dc01dca5b31607b562b17424ea0aef1576372e0114bb4a1b2458990726

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://shield.zijasecure.com

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55d8babb17b99bf9839dea27d1f526427df27a931ec1e680852ada82d81ba3d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://shield.zijasecure.com

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 612d0c5ddc648b6fabb367c68d80b0b69001958aa42de115288ef0a690dea119

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://shield.zijasecure.com

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bedf108b3ee8f1c534aab3e2cf3f0ebd2138a9d88f4e1682929453769f6f420b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://shield.zijasecure.com

Response headers

Content-Type: application/x-font-woff2

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 30ms
29ms Stylesheet
text/css 161.71.1.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 13:30:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Age: 39073
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Apr 2020 13:30:36 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 15 KB
5 KB 103ms
34ms Script
application/x-javascript 161.71.1.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shield.zijasecure.com/login.html?language=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 13:34:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Jan 2020 22:58:44 GMT
Age: 38820
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Apr 2020 13:34:49 GMT

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 3EEB 0
0 44ms
43ms Document
text/html 161.71.1.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://shield.zijasecure.com/login.html?language=

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shield.zijasecure.com/login.html?language=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://shield.zijasecure.com/login.html?language=

Response headers

Date: Thu, 30 Apr 2020 00:21:49 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=laVUNIp4Eeq-aYVCf2yibw; domain=.force.com; path=/; expires=Fri, 30-Apr-2021 00:21:49 GMT; Max-Age=31536000
Expires: Fri, 01 May 2020 00:21:49 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			shield.zijasecure.com/	1970-01-19 09:20:10	Name: AWSALBCORS Value: dr0pVTP3tylEM4XJO/Aa0oyg1S7n2pd8QniCOgiaIL5+++4MjOkwxKMjaeERRFKFhEFj7Ol9Y4VjWEq1ySyV1Vxhc3GlH8kcSAOQelO/mbrbn39/ExXD7beTd0si
			shield.zijasecure.com/	1970-01-19 09:20:10	Name: AWSALB Value: dr0pVTP3tylEM4XJO/Aa0oyg1S7n2pd8QniCOgiaIL5+++4MjOkwxKMjaeERRFKFhEFj7Ol9Y4VjWEq1ySyV1Vxhc3GlH8kcSAOQelO/mbrbn39/ExXD7beTd0si

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://shield.zijasecure.com/dist/js/login.4fada25200ebb1b71467.js(Line 50) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.typography.com
files.zijainternational.com
service.force.com
shield.zijasecure.com
zijasecure.com
104.111.229.247
161.71.1.37
18.233.84.74
52.55.1.62
67.214.224.204
0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16
195fce8ad811503945bd55d8fc01395db7a444afa4dbe97b30b8bcf75815ffe8
1f66028fe193bafd5458b85039e9ce80edb9a5f3cdacb780a684b038e25fe422
4f4695dc01dca5b31607b562b17424ea0aef1576372e0114bb4a1b2458990726
55d8babb17b99bf9839dea27d1f526427df27a931ec1e680852ada82d81ba3d9
612d0c5ddc648b6fabb367c68d80b0b69001958aa42de115288ef0a690dea119
68812cb65f754e9b032eadedd9742b59a1fab4906cb5c5900f85d11df79f411a
7f9ad43a6b87af16ec2fa457b23da9796b44346ca8b1d1f42de12a6ac42d98f5
a3e31bce2098012a760fc0c5a8f3b46ed924b52a23b1299579e420d1d7270858
a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d
b469c95ae3cf580e7a5eb45081f5d06dadc29c6fc27e9019363a821113fe3c4a
bedf108b3ee8f1c534aab3e2cf3f0ebd2138a9d88f4e1682929453769f6f420b
d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6
e8d345ef4515723a1947e1097b2af6a6fd12fb1b1a2d43e5bb4b6228bafb3707
e915fa4f33fc0e76d3ea9a0ad11988b283b43e556dae991d8ee7ee639cb7145d
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
fe944f364e143003bb653ef99ea070de254dd4aaf83f2b3bf83c890d9bfe951e

shield.zijasecure.com Open in urlscan Pro 18.233.84.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

2315 kBTransfer

2677 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

shield.zijasecure.com Open in urlscan Pro
18.233.84.74 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

2315 kB
Transfer

2677 kB
Size

2
Cookies

13 HTTP transactions
6 data transactions