Submitted URL: https://zra.zentrysecurity.com/
Effective URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Submission: On June 29 via automatic, source certstream-suspicious

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 209.36.106.201, located in Newark, United States and belongs to ATT-INTERNET4, US. The main domain is zra.zentrysecurity.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 3rd 2018. Valid for: 2 years.
This is the only time zra.zentrysecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 209.36.106.201 7018 (ATT-INTER...)
7 1
Apex Domain Subdomains Transfer
8 zentrysecurity.com zra.zentrysecurity.com 104 KB
7 1
Domain Requested by
8 zra.zentrysecurity.com 1 redirects zra.zentrysecurity.com
7 1

This site contains no links.

Subject: *.arraynetworks.net
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2018-08-03 - 2020-09-03
Valid: 2 years

This page contains 1 frames:

Primary Page: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Frame ID: 2094FD179798C846509D86BDC233E837
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /fingerprint(\d)?(?:\.min)?\.js/i

Page Statistics

Requests: 7
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 104 kB
Size: 102 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zra.zentrysecurity.com/ HTTP 302
    https://zra.zentrysecurity.com/prx/000/http/hostlocal/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login
zra.zentrysecurity.com/prx/000/http/hostlocal/
Redirect Chain
  • https://zra.zentrysecurity.com/
  • https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
15 KB
16 KB
Document
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
7a27c74c942f49aa5f7344b82109c45bdc62b1c40afbd6d6c7427333ba5bbff7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
zra.zentrysecurity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ANbookmark="https://zra.zentrysecurity.com/"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Frame-Options
SAMEORIGIN
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
X-XSS-Protection
1; mode=block
Content-Length
15596
Content-Language
en-us
Content-Type
text/html; charset=utf-8
Connection
Keep-Alive

Redirect headers

Location
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Connection
Keep-Alive
Content-Length
134
Cache-Control
no-store, no-cache, must-revalidate
X-Frame-Options
DENY
Set-Cookie
ANsession0005012640347276=v_guac2; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT; secure
ANbookmark="https://zra.zentrysecurity.com/"; path=/

portal.css
zra.zentrysecurity.com/prx/000/http/hostlocal/
8 KB
9 KB
Stylesheet
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/portal.css
Requested by
Host: zra.zentrysecurity.com
URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
fdd5a9d8cce9453214efb805455c3af629143f884bdc431f60b6823722812ee5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
Last-Modified
Thu, 04 Jun 2020 18:35:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-us
Connection
Keep-Alive
Content-Type
text/css; charset=utf-8
Content-Length
8675
X-XSS-Protection
1; mode=block

an_util.js
zra.zentrysecurity.com/prx/000/http/hostlocal/
8 KB
8 KB
Script
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/an_util.js
Requested by
Host: zra.zentrysecurity.com
URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
4eaa7d7b9cba87006b453f0fb254db69f08f9b4e455265968a8ab324cabf27f5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
Last-Modified
Thu, 04 Jun 2020 18:35:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-us
Connection
Keep-Alive
Content-Type
text/javascript; charset=utf-8
Content-Length
8206
X-XSS-Protection
1; mode=block

fingerprint.js
zra.zentrysecurity.com/prx/000/http/hostlocal/
60 KB
61 KB
Script
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/fingerprint.js
Requested by
Host: zra.zentrysecurity.com
URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
1d8c399d5bd00c404c6dc1c362f68424885fbc04d0a28571b1d199a099acd344
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
Last-Modified
Thu, 04 Jun 2020 18:35:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-us
Connection
Keep-Alive
Content-Type
text/javascript; charset=utf-8
Content-Length
61697
X-XSS-Protection
1; mode=block

lock_logo.gif
zra.zentrysecurity.com/prx/000/http/hostlocal/images/
4 KB
4 KB
Image
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/images/lock_logo.gif
Requested by
Host: zra.zentrysecurity.com
URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
80093a514d9f743fca9c5ec2714be39bfab2bd563e58b76fd44e7ee1e2766f66
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
Last-Modified
Thu, 04 Jun 2020 18:35:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-us
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
3656
X-XSS-Protection
1; mode=block

oauth_login.png
zra.zentrysecurity.com/prx/000/http/hostlocal/
2 KB
3 KB
Image
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/oauth_login.png
Requested by
Host: zra.zentrysecurity.com
URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
0b17ea9ffe4d6d8bc4672b23928039cb4b93f3ef2c632249e7fb5c9e37d8794b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
Last-Modified
Thu, 04 Jun 2020 18:35:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-us
Connection
Keep-Alive
Content-Type
image/png
Content-Length
2304
X-XSS-Protection
1; mode=block

oauth_wechat_login.png
zra.zentrysecurity.com/prx/000/http/hostlocal/
4 KB
4 KB
Image
General
Full URL
https://zra.zentrysecurity.com/prx/000/http/hostlocal/oauth_wechat_login.png
Requested by
Host: zra.zentrysecurity.com
URL: https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.36.106.201 Newark, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
proofpoint.arraynetworks.net
Software
/
Resource Hash
9911e4357f2a1f83066b0c97cb982037e8ef2df7bbff3825fee64a359dda1b28
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zra.zentrysecurity.com/prx/000/http/hostlocal/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
no-sniff
Last-Modified
Thu, 04 Jun 2020 18:35:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-us
Connection
Keep-Alive
Content-Type
image/png
Content-Length
3840
X-XSS-Protection
1; mode=block

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • string| _AN_str_passwordServer
  • string| _AN_str_title_login
  • string| _AN_str_help
  • boolean| _AN_oauth_on
  • boolean| _AN_aaa_rank_on
  • number| _AN_aaa_defmethod_idx
  • string| _AN_str_aaa_nomethod
  • object| _AN_aaa_method
  • number| _AN_aaa_method_idx
  • string| _AN_str_method_error
  • string| _AN_str_username
  • string| _AN_str_password
  • boolean| _AN_autocomplete
  • string| _AN_str_login
  • string| _AN_str_changepass
  • string| _AN_vsite_name
  • boolean| _AN_favorite_enable
  • string| _AN_str_errormsg_login
  • string| _AN_str_msg_login
  • string| _AN_str_info_login
  • string| _AN_str_info_method
  • boolean| _AN_aaa_nouser
  • boolean| _AN_secuid_ldap
  • string| _AN_cert_field_vars
  • string| _AN_str_localcheck_errmsg
  • string| _AN_str_portal_language
  • string| _AN_msg_id
  • number| _AN_navtool_display
  • number| _AN_navtool_type
  • number| _AN_navtool_side
  • function| _AN_nav_set_cookie
  • function| _AN_nav_get_cookie_fields
  • function| _AN_nav_get_cookie
  • function| _AN_nav_write_default_cookie
  • function| _AN_show_help
  • function| _AN_len
  • boolean| _AN_clisec_on
  • string| _An_str_localcheck_ver
  • string| _AN_str_localcheck_OS
  • number| _AN_UNSUPPORTED
  • number| _AN_WIN
  • number| _AN_LINUX
  • number| _AN_MAC
  • string| sUserAgent
  • function| checkOSSupport
  • function| checkSupportBrowserCore
  • function| checkBrowserSupport
  • function| localCheckIsOk
  • function| Fingerprint2
  • function| localCheckAndInit
  • function| encryptHash
  • function| oauth_login
  • function| init
  • string| testvar
  • function| onmethodchange
  • function| choosemethod
  • function| SetTokenVar
  • function| start_windows_java
  • function| start_windows_activex
  • function| switch_init_mode
  • function| check_result

1 Cookies

Domain/Path Name / Value
zra.zentrysecurity.com/ Name: ANbookmark
Value: "https://zra.zentrysecurity.com/"

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options no-sniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block