www.zscaler.com Open in urlscan Pro
2606:4700::6812:1d4a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://zscaler.voicestorm.com/Article/Redirect/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-0228-47e9-8422-02b6542...
Effective URL:
https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Submission: On May 24 via api (May 24th 2024, 7:56:28 am UTC) from US — Scanned from DE

Summary HTTP 179 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 35 domains to perform 179 HTTP transactions. The main IP is 2606:4700::6812:1d4a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.zscaler.com. The Cisco Umbrella rank of the primary domain is 71602.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 28th 2024. Valid for: a year.

This is the only time www.zscaler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	161.129.72.21 161.129.72.21	14449 (FIRSTUP-ASN) (FIRSTUP-ASN)
51	2606:4700::68... 2606:4700::6812:1d4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
9	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.229.175.130 54.229.175.130	16509 (AMAZON-02) (AMAZON-02)
2	34.254.105.143 34.254.105.143	16509 (AMAZON-02) (AMAZON-02)
3	35.80.246.154 35.80.246.154	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.85.22.235 104.85.22.235	16625 (AKAMAI-AS) (AKAMAI-AS)
11	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:209... 2600:9000:2090:c600:c:d449:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:264... 2600:9000:2644:9000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:275... 2600:9000:275b:d000:9:14eb:6280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	18.239.67.100 18.239.67.100	16509 (AMAZON-02) (AMAZON-02)
1	34.238.149.65 34.238.149.65	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
8	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.239.50.128 18.239.50.128	16509 (AMAZON-02) (AMAZON-02)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:d9d0:22f3:56d4:e17a	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.35.58.27 13.35.58.27	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.72 18.66.122.72	16509 (AMAZON-02) (AMAZON-02)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.212.39.155 3.212.39.155	14618 (AMAZON-AES) (AMAZON-AES)
1	54.195.89.156 54.195.89.156	16509 (AMAZON-02) (AMAZON-02)
5	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.235.191.156 44.235.191.156	16509 (AMAZON-02) (AMAZON-02)
1	34.212.4.35 34.212.4.35	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
179	49

2 161.129.72.21 (United States) 2 redirects

ASN14449 (FIRSTUP-ASN, US)

zscaler.voicestorm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700::6812:1d4a (United States)

ASN13335 (CLOUDFLARENET, US)

www.zscaler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.zscaler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.175.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-175-130.eu-west-1.compute.amazonaws.com

117186981.intellimizeio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.105.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-105-143.eu-west-1.compute.amazonaws.com

api.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.80.246.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-246-154.us-west-2.compute.amazonaws.com

log.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.22.235 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-22-235.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:c600:c:d449:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.iseaskies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:9000:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275b:d000:9:14eb:6280:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2i34c80a0ftze.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.67.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-67-100.ams58.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

8541430.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.50.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-128.ams58.r.cloudfront.net

st.fullcircleinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.iseaskies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:d9d0:22f3:56d4:e17a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-27.fra60.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-72.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.39.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-39-155.compute-1.amazonaws.com

3.212.39.155	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.89.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-89-156.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.191.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-191-156.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	zscaler.com www.zscaler.com — Cisco Umbrella Rank: 71602 info.zscaler.com — Cisco Umbrella Rank: 489804	1 MB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5787 c.6sc.co — Cisco Umbrella Rank: 8716 ipv6.6sc.co — Cisco Umbrella Rank: 5928 b.6sc.co — Cisco Umbrella Rank: 3876	22 KB
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2400 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7454 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7566 tracking.crazyegg.com — Cisco Umbrella Rank: 4579	83 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	183 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	614 B
7	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 338 Failed www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	4 KB
6	iseaskies.com ob.iseaskies.com — Cisco Umbrella Rank: 606406 obs.iseaskies.com — Cisco Umbrella Rank: 459782	39 KB
6	intellimize.co cdn.intellimize.co — Cisco Umbrella Rank: 54477 api.intellimize.co — Cisco Umbrella Rank: 42062 log.intellimize.co — Cisco Umbrella Rank: 40377	87 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4715 ws-assets.zoominfo.com — Cisco Umbrella Rank: 11817	30 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3361 d.adroll.com — Cisco Umbrella Rank: 1556	30 KB
5	googleusercontent.com lh4.googleusercontent.com — Cisco Umbrella Rank: 778 lh3.googleusercontent.com — Cisco Umbrella Rank: 44 lh6.googleusercontent.com — Cisco Umbrella Rank: 763	600 KB
4	fullcircleinsights.com st.fullcircleinsights.com — Cisco Umbrella Rank: 103360	5 KB
4	doubleclick.net 1 redirects 8541430.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	1 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5337 px.mountain.com — Cisco Umbrella Rank: 5486 gs.mountain.com — Cisco Umbrella Rank: 11376	11 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	387 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 6903	4 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 26104 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23444	2 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3932 cdn.acsbapp.com	93 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9185	707 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3535	122 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	73 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 345	15 KB
2	voicestorm.com 2 redirects zscaler.voicestorm.com	3 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 482	698 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	295 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1370 insight.adsrvr.org Failed	5 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3462	18 KB
1	cloudfront.net d2i34c80a0ftze.cloudfront.net	11 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	1 KB
1	intellimizeio.com 117186981.intellimizeio.com — Cisco Umbrella Rank: 657642
0	clarity.ms Failed www.clarity.ms Failed
0	clearbitscripts.com Failed tag.clearbitscripts.com Failed
179	35

	Domain	Requested by
51	www.zscaler.com	www.zscaler.com js.zi-scripts.com
9	cdn.cookielaw.org	www.zscaler.com cdn.cookielaw.org
8	b.6sc.co
8	region1.analytics.google.com	www.googletagmanager.com
7	info.zscaler.com	www.zscaler.com info.zscaler.com
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
5	obs.iseaskies.com	ob.iseaskies.com
5	px.ads.linkedin.com	snap.licdn.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	st.fullcircleinsights.com	d2i34c80a0ftze.cloudfront.net
4	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com
4	www.googletagmanager.com	www.zscaler.com www.googletagmanager.com
3	js.zi-scripts.com	www.zscaler.com js.zi-scripts.com
3	log.intellimize.co	cdn.intellimize.co
2	px.mountain.com	dx.mountain.com px.mountain.com
2	www.facebook.com
2	epsilon.6sense.com	j.6sc.co
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	ibc-flow.techtarget.com	trk.techtarget.com
2	8541430.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.zscaler.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	api.intellimize.co	cdn.intellimize.co
2	lh6.googleusercontent.com	www.zscaler.com
2	lh4.googleusercontent.com	www.zscaler.com
2	zscaler.voicestorm.com	2 redirects
1	cdn.acsbapp.com	acsbapp.com
1	acsbapp.com	www.zscaler.com
1	gs.mountain.com	px.mountain.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	d.adroll.com	s.adroll.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	ad.doubleclick.net
1	dx.mountain.com	www.zscaler.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.pdst.fm	www.zscaler.com
1	d2i34c80a0ftze.cloudfront.net	www.googletagmanager.com
1	trk.techtarget.com	www.zscaler.com
1	snap.licdn.com	www.googletagmanager.com
1	ob.iseaskies.com	www.googletagmanager.com
1	munchkin.marketo.net	www.zscaler.com
1	117186981.intellimizeio.com	cdn.intellimize.co
1	lh3.googleusercontent.com	www.zscaler.com
1	cdn.intellimize.co	www.zscaler.com
0	www.clarity.ms Failed	bat.bing.com
0	insight.adsrvr.org Failed	js.adsrvr.org
0	tag.clearbitscripts.com Failed	www.googletagmanager.com
179	58

This site contains links to these domains. Also see Links.

Domain
help.zscaler.com
admin.zscaler.net
admin.zscalerone.net
admin.zscalertwo.net
admin.zscalerthree.net
admin.zscalerbeta.net
admin.zscloud.net
admin.private.zscaler.com
reg.zenithlive.com
securitypreview.zscaler.com
customer.zscaler.com
community.zscaler.com
ir.zscaler.com
www.facebook.com
twitter.com
www.linkedin.com
github.com
obfuscator.io
facebook.com
linkedin.com
youtube.com

Subject Issuer	Validity	Valid
www.zscaler.com DigiCert SHA2 Extended Validation Server CA	`2024-02-28` - `2025-02-23`	a year	crt.sh
cdn.intellimize.co R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.googleusercontent.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
info.zscaler.com Cloudflare Inc ECC CA-3	`2023-10-08` - `2024-10-07`	a year	crt.sh
*.intellimizeio.com Amazon RSA 2048 M03	`2023-10-25` - `2024-11-22`	a year	crt.sh
api.intellimize.co Amazon RSA 2048 M02	`2023-10-25` - `2024-11-22`	a year	crt.sh
log.intellimize.co Amazon RSA 2048 M03	`2023-10-24` - `2024-11-21`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
script.crazyegg.com E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.iseaskies.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-16`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-02` - `2024-05-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn.pdst.fm WR3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
*.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
aws-st.fullcircleinsights.com Amazon RSA 2048 M01	`2023-05-30` - `2024-06-26`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
misc.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
3.212.39.155 Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-02-15`	a year	crt.sh
zoominfo.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
acsbapp.com GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Frame ID: 8060C2FA9C1FD8C8C165E5CB430CCF91
Requests: 166 HTTP requests in this frame

Frame: https://117186981.intellimizeio.com/storage.html
Frame ID: DD6529276BFAF554C81D7E353DF06557
Requests: 1 HTTP requests in this frame

Frame: https://8541430.fls.doubleclick.net/activityi;dc_pre=CKntkofopYYDFdhRkQUdtusL2w;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques;ps=1;pcor=1876113489;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z871607006za201zb71607006;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques
Frame ID: 04AC680E0B2233F4B34E5F26301D4928
Requests: 1 HTTP requests in this frame

Frame: https://info.zscaler.com/index.php/form/XDFrame
Frame ID: 2EBE3298F923A859664923241FBEAE65
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&upid=27hmsyx&upv=1.1.0
Frame ID: FD9C640448424D35DB821E5E03E4FA55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://zscaler.voicestorm.com/Article/Redirect/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-02... HTTP 302
https://zscaler.voicestorm.com/member/post/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-0228-47... HTTP 302
https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

179
Requests

93 %
HTTPS

45 %
IPv6

35
Domains

58
Subdomains

49
IPs

6
Countries

3199 kB
Transfer

7687 kB
Size

45
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://help.zscaler.com/phone-support
Title: Support

Search URL Search Domain Scan URL

URL: https://admin.zscaler.net/
Title: Zscaler Cloud Portal | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalerone.net/
Title: Zscaler Cloud Portal One | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalertwo.net/
Title: Zscaler Cloud Portal Two | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalerthree.net/
Title: Zscaler Cloud Portal Three | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalerbeta.net/
Title: Zscaler Cloud Portal Beta | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscloud.net/
Title: admin.zscloud.net

Search URL Search Domain Scan URL

URL: https://admin.private.zscaler.com/
Title: Zscaler Private Access Sign-In

Search URL Search Domain Scan URL

URL: https://help.zscaler.com/client-connector/downloading-zscaler-client-connector
Title: Download Zscaler Client Connector

Search URL Search Domain Scan URL

URL: https://reg.zenithlive.com/flow/zscaler/zenithlive23/home/page/event
Title: Zenith Live

Search URL Search Domain Scan URL

URL: http://securitypreview.zscaler.com/
Title: Security Preview

Search URL Search Domain Scan URL

URL: https://customer.zscaler.com/
Title: Customer Success Center

Search URL Search Domain Scan URL

URL: https://community.zscaler.com/
Title: Zenith Community

Search URL Search Domain Scan URL

URL: https://help.zscaler.com/
Title: Zscaler Help Portal

Search URL Search Domain Scan URL

URL: https://ir.zscaler.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://tinyurl.com/y5omvuaa

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://tinyurl.com/y5omvuaa%20%E2%80%94%20New%20Phishing%20Trends%20and%20Evasion%20Techniques%22

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://tinyurl.com/y5omvuaa

Search URL Search Domain Scan URL

URL: https://github.com/javascript-obfuscator/javascript-obfuscator
Title: https://github.com/javascript-obfuscator/javascript-obfuscator

Search URL Search Domain Scan URL

URL: https://obfuscator.io/
Title: https://obfuscator.io/

Search URL Search Domain Scan URL

URL: https://facebook.com/zscaler
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/zscaler
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/zscaler
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://youtube.com/user/ZscalerMarketing
Title: Subscribe our Youtube Channel

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://zscaler.voicestorm.com/Article/Redirect/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-0228-47e9-8422-02b6542f6676&f=79338 HTTP 302
https://zscaler.voicestorm.com/member/post/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-0228-47e9-8422-02b6542f6676&f=79338 HTTP 302
https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://8541430.fls.doubleclick.net/activityi;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques;ps=1;pcor=1876113489;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z871607006za201zb71607006;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques HTTP 302
https://8541430.fls.doubleclick.net/activityi;dc_pre=CKntkofopYYDFdhRkQUdtusL2w;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques;ps=1;pcor=1876113489;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z871607006za201zb71607006;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques

Request Chain 95

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1716537381863%26url%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblogs%252Fsecurity-research%252Fnew-phishing-trends-and-evasion-techniques%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=true&liSync=true&e_ipv6=AQLmWpC03xpvwAAAAY-pmdkkdYUXiOs10fav0Apb35XbN67At5tfwEYO7Jfc5OJGX7AxIRM

Request Chain 105

https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

179 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request new-phishing-trends-and-evasion-techniques Show response
www.zscaler.com/blogs/security-research/
Redirect Chain

https://zscaler.voicestorm.com/Article/Redirect/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-0228-47e9-8422-02b6542f6676&f=79338
https://zscaler.voicestorm.com/member/post/edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a?uc=11264&g=cea9920f-0228-47e9-8422-02b6542f6676&f=79338
https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

376 KB
379 KB

417ms
308ms

Document
text/html

2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

c303b32cd7508a3545bf013c7bc90ac50a3dd80ca78d54a76285dedb2e5e9f9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 5
cache-control: no-cache,no-transform
cache-status: "Next.js"; hit; fwd=stale, "Netlify Edge"; fwd=miss
cf-cache-status: DYNAMIC
cf-ray: 888bba81f8e49974-FRA
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 07:56:20 GMT
etag: "v00hmoewl883n7-df"
netlify-vary: header=x-nextjs-data|x-next-debug-logging|Accept-Encoding,cookie=__prerender_bypass|__next_preview_data
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN https://cms.zscaler.com
x-nextjs-date: Fri, 24 May 2024 07:56:20 GMT
x-nf-request-id: 01HYMSKKARTYMCJ2ASA25BF60G
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 224
Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' static.dynamicsignal.com cdn.pendo.io data.pendo.io platform.twitter.com connect.facebook.net assets.adobedtm.com 'nonce-5844f22c241ed9b4b847c28070a52b82'; style-src 'self' static.dynamicsignal.com *.cloudfront.net *.googleapis.com maxcdn.bootstrapcdn.com 'unsafe-inline'; font-src * data: blob:; img-src * data: blob:; media-src * data: blob:; frame-src 'self' www.youtube.com platform.twitter.com www.facebook.com reg.voicestorm.com reg-eu.voicestorm.com reg.voicestorm.biz reg.dynamicsignal.com; manifest-src *; connect-src cdn.pendo.io data.pendo.io 'self' static.dynamicsignal.com api.dynamicsignal.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com translate.google.com *.googleapis.com *.cloudfront.net *.doubleclick.net platform.twitter.com connect.facebook.net assets.adobedtm.com olivia.paradox.ai gateway.zscloud.net relay.voicestorm.com relay-eu.voicestorm.com relay.voicestorm.biz relay.dynamicsignal.com freq.voicestorm.com freq-eu.voicestorm.com freq.voicestorm.biz freq.dynamicsignal.com api.voicestorm.com api-eu.voicestorm.com api.voicestorm.biz api.dynamicsignal.com apigateway.voicestorm.com apigateway-eu.voicestorm.com apigateway.voicestorm.biz apigateway.dynamicsignal.com streaming.voicestorm.com:* streaming-eu.voicestorm.com:* streaming.voicestorm.biz:* streaming.dynamicsignal.com:*; object-src 'none'; base-uri 'none'
Content-Type: text/html; charset=utf-8
Date: Fri, 24 May 2024 07:56:19 GMT
Location: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 117186981.js Show response
cdn.intellimize.co/snippet/ 362 KB
85 KB 148ms
40ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intellimize.co/snippet/117186981.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb6a432365c488df976093b9442efa7e5e8d7b8bbe2b1c7e9673840320016748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220084-FRA
date: Fri, 24 May 2024 07:56:20 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 143
x-timer: S1716537381.577909,VS0,VE1
etag: "0b24ffe720ac8231b74ddaf954e7a0169--gzip"
vary: Intellimize-Namespace, Intellimize-StatusModule, Accept-Encoding
x-cache: HIT
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
content-length: 87019
x-cache-hits: 1

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/ 170 KB
27 KB 162ms
73ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/OtAutoBlock.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7e36f3f88692d69244aa905916aabc0e00bcc987bbc4cef85324e8c3733266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 57619
content-md5: xD1AeAP0mkjc7DsdK25Fqg==
content-length: 27724
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 06:34:16 GMT
server: cloudflare
etag: 0x8DC53A8159D511F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 708ee78f-b01e-0075-4bd1-9b5ddb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba84793337d2-FRA
expires: Sat, 25 May 2024 07:56:20 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 122ms
55ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 40594
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Thu, 23 May 2024 06:07:35 GMT
server: cloudflare
etag: 0x8DC7AEEA478CDA1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45f801e8-701e-0062-802b-ad06b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba84793637d2-FRA

GET
H2 200 image
www.zscaler.com/_next/ 169 KB
169 KB 100ms
94ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fphishing-spam%2Fphishing-spam-2%25402x.jpg&w=3840&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90de36eacfbcb58a2d6512b18d335414e0c72b137b6e4529c30d42588ce2d12a

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNB47XX5KRX6JZXE6FP
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 7
cross-origin-resource-policy: cross-origin
content-length: 172767
last-modified: Fri, 24 May 2024 07:56:13 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba843bb49974-FRA

GET
H2 200 219e54771de95554-s.p.woff2
www.zscaler.com/_next/static/media/ 37 KB
37 KB 79ms
76ms Font
font/woff2 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/219e54771de95554-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fde8fd7b0ad034128435bc21892e617683afdfb5cd4fef39c0bd6ff7d53723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Origin: https://www.zscaler.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMBGKYT4QG5FTF1EPMA
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 35823
cache-status: "Netlify Edge"; hit
etag: "babaa13f5c4ebc035bab259b01678acd-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 888bba83fb719974-FRA
content-length: 37876

GET
H2 200 86085b213eb89904-s.p.woff2
www.zscaler.com/_next/static/media/ 39 KB
39 KB 80ms
77ms Font
font/woff2 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/86085b213eb89904-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

258ac87e304908a79116737170a587d0ea6cb91c9fa2e10389e0c52b3a30f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Origin: https://www.zscaler.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMM92TJCPQDG97T9EVQ
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 41689
cache-status: "Netlify Edge"; hit
etag: "894b88dea44b3eea86047b5a14f70bd6-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 888bba83fb729974-FRA
content-length: 40264

GET
H2 200 9cdafb0650413334-s.p.woff2
www.zscaler.com/_next/static/media/ 39 KB
40 KB 112ms
109ms Font
font/woff2 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/9cdafb0650413334-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beac035e4d7e7ca8063a81be0994cfc994d5f1c7539091659834203e076476ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Origin: https://www.zscaler.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMHTR3FCS60KA1YHGZH
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 40897
cache-status: "Netlify Edge"; hit
etag: "df72b7565a3dbb7f09aca50548800425-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 888bba83fb749974-FRA
content-length: 40336

GET
H2 200 4012cc4b67ad157d-s.p.woff2
www.zscaler.com/_next/static/media/ 9 KB
9 KB 114ms
111ms Font
font/woff2 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/4012cc4b67ad157d-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae9ce01eeaeb30d4044b4b309035579a53b0e534e28cbb8828f5b4f648514c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Origin: https://www.zscaler.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMPS2HWXREA1AJ4RT15
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 41921
cache-status: "Netlify Edge"; hit
etag: "c6972ec112502e69799d66e6952e00da-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 888bba83fb789974-FRA
content-length: 9592

GET
H2 200 edb9f1eb1c1a7ead-s.p.woff2
www.zscaler.com/_next/static/media/ 9 KB
9 KB 114ms
112ms Font
font/woff2 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/edb9f1eb1c1a7ead-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd93b89faa1f4642b0a4a84a36bccf5174c8af4a024d9291ed1e0300db58bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Origin: https://www.zscaler.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMXNWR1DEVJZTW1B5ZW
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 41711
cache-status: "Netlify Edge"; hit
etag: "05b344f4b2133542bb04a3fa3940eb19-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 888bba83fb7b9974-FRA
content-length: 8780

GET
H2 200 8a78698ab2154604.css
www.zscaler.com/_next/static/css/ 74 KB
16 KB 73ms
71ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/8a78698ab2154604.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7b03c85d0a5234d602e1fcf7d33a9aae23bfbf4cd76e7fedf5cdf58a3e8ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKM4R2BAG6VPAXAA5SKT
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41711
cache-status: "Netlify Edge"; hit
etag: W/"c82e4d34ce1460e6aa07c41d60efdb38-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba83fb639974-FRA

GET
H2 200 fd7dd15c84aa557e.css
www.zscaler.com/_next/static/css/ 97 KB
11 KB 74ms
72ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/fd7dd15c84aa557e.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

041f82ff646428788fe9781595e94b9511ae6fcb128c05a7997178dcbee37208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMHZQ26TEP1N9CB4P08
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 19501
cache-status: "Netlify Edge"; hit
etag: W/"a3339c3189b536545eecac96e4c146d8-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba83fb669974-FRA

GET
H2 200 0be1e8ac8270edef.css
www.zscaler.com/_next/static/css/ 76 KB
10 KB 73ms
71ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/0be1e8ac8270edef.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261f60a9345708c110143747569ffe8ed8d20f85425ab14a3d48d40eccab0d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKM8T6KHN6YAPF8M4K8V
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42191
cache-status: "Netlify Edge"; hit
etag: W/"b9226db8323bcdf0e471564dfef7e2da-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba83fb679974-FRA

GET
H2 200 60ab7ffa9f7999ec.css
www.zscaler.com/_next/static/css/ 849 B
392 B 78ms
76ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/60ab7ffa9f7999ec.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d7420dc00f6c2095845ed3099c8c38269d37ed054a8570135082f433b717ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMGV42JQX0RYHMJSVZ6
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41921
cache-status: "Netlify Edge"; hit
etag: W/"5c59d05d39e571427d40dd8d09b3cdb1-ssl"
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba83fb699974-FRA

GET
H2 200 54b114f76a2643a4.css
www.zscaler.com/_next/static/css/ 14 KB
2 KB 75ms
73ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/54b114f76a2643a4.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a1e90281fb5f6bd8c4df8697f16fdd66b968afe67e22f20130b2a212910ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKMBYZGG66RX7JB9EM0H
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41009
cache-status: "Netlify Edge"; hit
etag: W/"b3b28bba19cd8cc9e623e240c2173191-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba83fb6b9974-FRA

GET
H2 200 2b4ce64ceddde260.css
www.zscaler.com/_next/static/css/ 5 KB
1 KB 114ms
112ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/2b4ce64ceddde260.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413d0b57de62b151d631e5c63ca0b52a447578209f5bd960ce99471228f34a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNCDW90ABNNWW8RNP28
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41922
cache-status: "Netlify Edge"; hit
etag: W/"6500871e7f2d73e4e65af7600507c088-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843ba69974-FRA

GET
H2 200 455227249223c84c.css
www.zscaler.com/_next/static/css/ 7 KB
1 KB 113ms
112ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/455227249223c84c.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6487817342cc7311d0f8603168a7edba803aa7de8813673eb155e8ea8b77b32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNDFCF6GNF3VCQXYQKJ
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 40556
cache-status: "Netlify Edge"; hit
etag: W/"5e804ffd42b47c9b8cd3dd20a421e789-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843baa9974-FRA

GET
H2 200 b6d3c529ebda7335.css
www.zscaler.com/_next/static/css/ 18 KB
3 KB 116ms
114ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/b6d3c529ebda7335.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cfc7e7ef1b5a3b8ca8dc185554f0a13e93b88e1ea66e131cb8d8a922039aca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNFEY8ZX4F5DJN4SNHN
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41009
cache-status: "Netlify Edge"; hit
etag: W/"81a94e2ddda02a299099b2c339671b41-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bad9974-FRA

GET
H2 200 d34fc117d4462dbb.css
www.zscaler.com/_next/static/css/ 7 KB
1 KB 124ms
123ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/d34fc117d4462dbb.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02cf967312da416498f662d891dd432426488424f6334da0eb277059ecd2f59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKN6KXPTHWHGNHNYFKR4
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41009
cache-status: "Netlify Edge"; hit
etag: W/"2a8acaa7178d13abe2617ddf64fd1a8d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843baf9974-FRA

GET
H2 200 9f2120aa527cefb0.css
www.zscaler.com/_next/static/css/ 96 KB
13 KB 115ms
114ms Stylesheet
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/9f2120aa527cefb0.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32ea65199f687a54440c559061cc9d7a89f6346d1516fd1d2dae11be1f631964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNDCXK0W5C62V63VT95
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41921
cache-status: "Netlify Edge"; hit
etag: W/"06d48239b1b02244c8a45c2b1c9cb487-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bb19974-FRA

GET
H2 200 7566.71d179d6b7f81e71.js Show response
www.zscaler.com/_next/static/chunks/ 10 KB
4 KB 112ms
107ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/7566.71d179d6b7f81e71.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4fa8fbc65336777e518d4b1a6ba4ad435fb1903242d247975eaf9e59246b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNZWM5JVSM2ACSF6FH9
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 40897
cache-status: "Netlify Edge"; hit
etag: W/"b25584b78b3117578d78e587fb8ac530-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bb69974-FRA

GET
H2 200 6738.6ec07d9cfeb23d50.js Show response
www.zscaler.com/_next/static/chunks/ 12 KB
4 KB 94ms
89ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/6738.6ec07d9cfeb23d50.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3a2d181d576ea192521f28442da75d63c67a83c23e95c2f989711cd08473c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNGMZZ175T3CCXTVTAA
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42194
cache-status: "Netlify Edge"; hit
etag: W/"ffaa4bce68b1021059bba68381967a63-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bb79974-FRA

GET
H2 200 537.8ad21235b8edef2f.js Show response
www.zscaler.com/_next/static/chunks/ 604 B
435 B 112ms
108ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/537.8ad21235b8edef2f.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bada63c3654c7168cedb6be0924d793dc683e81ae6740e3e14f3b181b94ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNSQT2K3JRETT3NZWTW
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41689
cache-status: "Netlify Edge"; hit
etag: W/"d9f5c31ba3339a24433c535485fd1646-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bba9974-FRA

GET
H2 200 8338.3539dfc7fa5c0856.js Show response
www.zscaler.com/_next/static/chunks/ 112 KB
36 KB 93ms
89ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/8338.3539dfc7fa5c0856.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82597ca5e9f0b28679550d3daf2838062560cb46eae1c623b8ed40704ae82dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNJ9BV1FFT5DW47TCR4
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 18807
cache-status: "Netlify Edge"; hit
etag: W/"c9fdf90c0e8e740d5985bf02b6b033d1-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bbb9974-FRA

GET
H2 200 4194.e19b9f027bf1cdbe.js Show response
www.zscaler.com/_next/static/chunks/ 3 KB
1 KB 94ms
90ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/4194.e19b9f027bf1cdbe.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62cefdc627329af90143b8639e5c2d06d09fda072e28fa34de34c4576f3fe638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNG3MVPT9122A5090RB
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 40754
cache-status: "Netlify Edge"; hit
etag: W/"099b62b7f4fe5a03e3852a9382305bf3-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bbd9974-FRA

GET
H2 200 9775.4fcd8993e10e118a.js Show response
www.zscaler.com/_next/static/chunks/ 3 KB
1 KB 94ms
90ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/9775.4fcd8993e10e118a.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0febf92dfc888d121bf518cfcc2191bebc6707d7e4ee4f650ca525d3eab4aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNH7TTN2N1CFMD0BX1Q
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 40554
cache-status: "Netlify Edge"; hit
etag: W/"601cf6be55aa34cca4e8b2c46c856006-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bbe9974-FRA

GET
H2 200 1306.4bad92aa5b4cb51a.js Show response
www.zscaler.com/_next/static/chunks/ 9 KB
3 KB 99ms
95ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/1306.4bad92aa5b4cb51a.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b688b2cc33b5ce9eb7124542bdf53096e2dd9843feb317f2a626981d3d4d2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNYTJSWHA6TB1CX0EPH
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42194
cache-status: "Netlify Edge"; hit
etag: W/"df82406c5b20315e3372f00049be1f55-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bbf9974-FRA

GET
H2 200 2284.ac80e90ba9cd28d3.js Show response
www.zscaler.com/_next/static/chunks/ 3 KB
2 KB 92ms
89ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/2284.ac80e90ba9cd28d3.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebbd76bc08f4d823aabfe6e4582a5a25b4de3d42779c290ad5fa349ec20d47a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNFFH6Q368W5ZZG593R
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41009
cache-status: "Netlify Edge"; hit
etag: W/"82bac8e692f90587b13d37773a342e2f-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc09974-FRA

GET
H2 200 893.22dec4176478790a.js Show response
www.zscaler.com/_next/static/chunks/ 42 KB
14 KB 95ms
92ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/893.22dec4176478790a.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0aa1e59e8c76d8753706839a434266b3c3af2bdb9ba28772731e9ac22d8ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNRC1ZTZB0Y4ANVM83S
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41009
cache-status: "Netlify Edge"; hit
etag: W/"2f0355c445049fd3a0516fcf4bcf00ec-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc29974-FRA

GET
H2 200 webpack-c6b6c04208410a2d.js Show response
www.zscaler.com/_next/static/chunks/ 12 KB
6 KB 94ms
91ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/webpack-c6b6c04208410a2d.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c08227adea882f07401604a56d865ac62351436118bbc2102b3b7bd610b856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNPFMKJ6J2ZMY6WNKG2
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41448
cache-status: "Netlify Edge"; hit
etag: W/"24f6026347ee7dc85ccbf3797862b882-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc49974-FRA

GET
H2 200 framework-56eb74ff06128874.js Show response
www.zscaler.com/_next/static/chunks/ 138 KB
45 KB 103ms
99ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/framework-56eb74ff06128874.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb0fd08062321d3ad12b2b73d4827be993967a8a7330447edb7aec9cd90f8b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNPTQS1C9NEDRA6R07X
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42194
cache-status: "Netlify Edge"; hit
etag: W/"b7c867c4115d1d2563b1e4543a631e5a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc59974-FRA

GET
H2 200 main-7c8d262537cac334.js Show response
www.zscaler.com/_next/static/chunks/ 111 KB
33 KB 168ms
165ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/main-7c8d262537cac334.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52c74d5f72fba35bbb92461ac20ea6d80b9e826d28369d5fa6010d9838508ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKPNCMB0PEGDD34WACMP
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 17771
cache-status: "Netlify Edge"; hit
etag: W/"16b7038049448ed0734707b3e7f45ff7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc69974-FRA

GET
H2 200 _app-381cb018016d85d5.js Show response
www.zscaler.com/_next/static/chunks/pages/ 361 KB
120 KB 97ms
95ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/pages/_app-381cb018016d85d5.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240fa43d73422ca94978e64289e61b6765eb22477bc9da42a47c889372cf7aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNMD13B6YF7GZ0MTTRH
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42194
cache-status: "Netlify Edge"; hit
etag: W/"8326997730cce6f5926f45d94e9241f2-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc89974-FRA

GET
H2 200 4612-23405d66c6367453.js Show response
www.zscaler.com/_next/static/chunks/ 188 KB
49 KB 93ms
90ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/4612-23405d66c6367453.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9efd70b3669b60a085563e68956eda3f97e6aaf220ca03b348c10569f09c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNMZSJ870CB199SVF5J
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41908
cache-status: "Netlify Edge"; hit
etag: W/"ca71d65239742416101ca4a80bb85e15-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bc99974-FRA

GET
H2 200 9024-2ea31d3800d271c6.js Show response
www.zscaler.com/_next/static/chunks/ 135 KB
38 KB 101ms
99ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/9024-2ea31d3800d271c6.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccd347e0f413f8c1e5ad0bbfd846250914515ed5dced53829e2b2aae2b8e5c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNTNBJ0ACP6JA4KV4HT
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42194
cache-status: "Netlify Edge"; hit
etag: W/"9c6b01a9eb0ef8de98e884ebcc22e7d0-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bcb9974-FRA

GET
H2 200 3281-d031b4487359e3b7.js Show response
www.zscaler.com/_next/static/chunks/ 78 KB
20 KB 93ms
91ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/3281-d031b4487359e3b7.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1413726cd49bff9c3b3dda8e828a02f97d3deb869d3e9af5f2365bbc76691ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNR83S0FBRC1ETGBC6S
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 18807
cache-status: "Netlify Edge"; hit
etag: W/"ddd1dd7d73a0b6090283981a57961ba3-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bcc9974-FRA

GET
H2 200 7339-0c4ff52cbd69feaa.js Show response
www.zscaler.com/_next/static/chunks/ 141 KB
30 KB 109ms
107ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/7339-0c4ff52cbd69feaa.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a637a287f67daeb4990d6c1772e67a88ffeb7d1a430424fd1c42701f3f21d689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNT7JEKDPP9DC86YMTP
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 35838
cache-status: "Netlify Edge"; hit
etag: W/"0056f4fce5700458bf58bb7d3787c9cd-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bcd9974-FRA

GET
H2 200 %5B...slug%5D-502379f14d426c57.js Show response
www.zscaler.com/_next/static/chunks/pages/blogs/ 3 KB
2 KB 91ms
89ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/pages/blogs/%5B...slug%5D-502379f14d426c57.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0499ef0693c480a72711031ca58bbfb6971d1a047036f1eccb3add0e4ea0f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNK97G6EBGPWKVCPNMN
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42194
cache-status: "Netlify Edge"; hit
etag: W/"c965b420ca9ba799e4fa5ffe7db5b12d-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bd09974-FRA

GET
H2 200 _buildManifest.js Show response
www.zscaler.com/_next/static/y_2PKps-UGQzfAT112Ijg/ 3 KB
1001 B 93ms
91ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/y_2PKps-UGQzfAT112Ijg/_buildManifest.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

096f65cc12d8aa127c208834e2500d152d7973d3217e30c54d0c250ec63e69a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNVKBHWW4JAPCPBW60N
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41004
cache-status: "Netlify Edge"; hit
etag: W/"822eaee743b62dff48f80ae06ab89529-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bd29974-FRA

GET
H2 200 _ssgManifest.js Show response
www.zscaler.com/_next/static/y_2PKps-UGQzfAT112Ijg/ 417 B
286 B 96ms
95ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/y_2PKps-UGQzfAT112Ijg/_ssgManifest.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1a746e4540f4be2f9172e2403669d454784c6ff4e5394e5c89f6d24f22af83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKNZB009CZQBHVBF8XNF
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41019
cache-status: "Netlify Edge"; hit
etag: W/"9e56531e829a109b15c8b03429c19e6a-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba843bd39974-FRA

GET
H2 200 image
www.zscaler.com/_next/ 5 KB
5 KB 189ms
187ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fpictures%2Fpicture-17706-1569349247.jpg&w=96&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7541cef41eec7c766ddd2f3b8970a7fd45ee6ba25e34605cec497f781d38dc25

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKTE2SM3QK0QRSM8TFAS
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 39132
cross-origin-resource-policy: cross-origin
content-length: 5229
last-modified: Thu, 23 May 2024 21:04:08 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba853cf19974-FRA

GET
H2 200 e2CCVtO20DDW-ixNMcohbdWxK_mEumbN5Q8vbT_kQVm-nSvn7vqYDVEN6ynQsADS9lpAJ9i2celUeRcI_CgbDQP-sCmsghU0kGirXhVC5aZcTQE_t2TEVhA_UFg_YM5m1Fi6ZXAaRp_B5nBPxg
lh4.googleusercontent.com/ 226 KB
226 KB 1236ms
413ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/e2CCVtO20DDW-ixNMcohbdWxK_mEumbN5Q8vbT_kQVm-nSvn7vqYDVEN6ynQsADS9lpAJ9i2celUeRcI_CgbDQP-sCmsghU0kGirXhVC5aZcTQE_t2TEVhA_UFg_YM5m1Fi6ZXAaRp_B5nBPxg

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4c1ea9ccbc2c3935ebd327248ee6dfeaf946db9f4c86038d890b079cabb2a2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image14.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231264
x-xss-protection: 0
expires: Sat, 25 May 2024 07:56:21 GMT

GET
H2 200 GicrOT6UnD_wajgXfQZ_0r1HmMH6fYCKwtgDEnj9Cr4O8AxwylyrxjrRgKT8J6fWbgUeVik8Frw94ygk9QJCGAPMa2K9EU8uCcF_vYr3VgUNRmE1rJ7C-GzJH7cHyteyl0f_1VIH
lh3.googleusercontent.com/ 145 KB
146 KB 493ms
234ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/GicrOT6UnD_wajgXfQZ_0r1HmMH6fYCKwtgDEnj9Cr4O8AxwylyrxjrRgKT8J6fWbgUeVik8Frw94ygk9QJCGAPMa2K9EU8uCcF_vYr3VgUNRmE1rJ7C-GzJH7cHyteyl0f_1VIH

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c20b49a8396902e4cc1c2c0ab04ff6dcced384b44f456aa9a33532120246c9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148783
x-xss-protection: 0
expires: Sat, 25 May 2024 07:56:21 GMT

GET
H2 200 QUSjxh-YrkEL37fA4br5xiF0vfCgisUyvfsYZPTXmPu8FNLxrZ11BZF-uikGK7SU4UpO48k94xQ9Xe9wTMWcLlgpUQa8t3ltp7RG5WKAUVHHbJGKbvL0IptKb43H3QGIwVp9kQqWbiSnw0R09w
lh4.googleusercontent.com/ 93 KB
93 KB 1078ms
255ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/QUSjxh-YrkEL37fA4br5xiF0vfCgisUyvfsYZPTXmPu8FNLxrZ11BZF-uikGK7SU4UpO48k94xQ9Xe9wTMWcLlgpUQa8t3ltp7RG5WKAUVHHbJGKbvL0IptKb43H3QGIwVp9kQqWbiSnw0R09w

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91f9615a3d426c70c3ce49503f70a8d8816ab5891193e0905402a67c4a80def9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image10.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95283
x-xss-protection: 0
expires: Sat, 25 May 2024 07:56:21 GMT

GET
H2 200 4zdlJkhLazQYXarJYMGutICZ77yatopXogSlSdiHvI73GjrUDbQTL8kLCxgAfQP2dBTs7IgwpBKdPjJpDRuP846nKpPzatxKAgD1rjS1dsh04fyq7BMG4Lhtn8a3GSNDibAVMwIIckX5QG53gQ
lh6.googleusercontent.com/ 28 KB
28 KB 475ms
232ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/4zdlJkhLazQYXarJYMGutICZ77yatopXogSlSdiHvI73GjrUDbQTL8kLCxgAfQP2dBTs7IgwpBKdPjJpDRuP846nKpPzatxKAgD1rjS1dsh04fyq7BMG4Lhtn8a3GSNDibAVMwIIckX5QG53gQ

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e5b5ab186fd46f0eb587eb763d776d9cbe936476f6f71c6a8247079fdf27c530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image1.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
expires: Sat, 25 May 2024 07:56:21 GMT

GET
H2 200 jRdpCeHSwvHfS2ouHzsxhnbxZw7Zcws7nfsnR9Kkt2dE9HqtsKf2wkss3qU8dzWDpaOWp7ZDprKcFRCjuHkbtLMANRLMW7EvGUQD_IZVR1_fm4g1HZqvWEu5But_gBgo96V8yDNY
lh6.googleusercontent.com/ 106 KB
106 KB 515ms
272ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/jRdpCeHSwvHfS2ouHzsxhnbxZw7Zcws7nfsnR9Kkt2dE9HqtsKf2wkss3qU8dzWDpaOWp7ZDprKcFRCjuHkbtLMANRLMW7EvGUQD_IZVR1_fm4g1HZqvWEu5But_gBgo96V8yDNY

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f3b5a11609af751b9fd41503d4edad831c3bc9209282141310c9bc01b6eff2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108259
x-xss-protection: 0
expires: Sat, 25 May 2024 07:56:21 GMT

GET
H2 200 3e894970-e3e9-4783-85e9-7c38eedbfbbf.json Show response
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/ 5 KB
2 KB 1241ms
169ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/3e894970-e3e9-4783-85e9-7c38eedbfbbf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0cd39d290a1403b6303c049dceebac871d07a5f776b53f4e425ec2235d16a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 81118
content-md5: oj+Dp3bF+hHUZlalRDGEBg==
content-length: 1840
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 06:34:16 GMT
server: cloudflare
etag: 0x8DC53A81596745A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cf89ab07-101e-007e-77b2-97a9c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba8c5c92bb86-FRA
expires: Sat, 25 May 2024 07:56:21 GMT

GET
H2 200 7763.d758ee891eda7402.js Show response
www.zscaler.com/_next/static/chunks/ 1 KB
746 B 168ms
168ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/7763.d758ee891eda7402.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-c6b6c04208410a2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb7c0200d46215e03c99a819b336c1426163575e3c55b6d5e9ba4449edede06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZQQWRJJ3E2PSRRSHKE
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41687
cache-status: "Netlify Edge"; hit
etag: W/"17febf2951ad34c7eeeef4016c7b0b2f-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba864e3b9974-FRA

GET
H2 200 5551.c4fb596d5a66633e.js Show response
www.zscaler.com/_next/static/chunks/ 1000 B
754 B 169ms
168ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/5551.c4fb596d5a66633e.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-c6b6c04208410a2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0ec04051c6114cc5c079a12d21ce695b45c0a1b0cb2d83886c26ee6cf1d187f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZS6QPVGA7B8A94PH3B
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 40985
cache-status: "Netlify Edge"; hit
etag: W/"a6691d54597182ea40834fe228daf31e-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba864e3e9974-FRA

GET
H2 200 6023.ccb3fff03c4fa91a.js Show response
www.zscaler.com/_next/static/chunks/ 1 KB
761 B 196ms
196ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/6023.ccb3fff03c4fa91a.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-c6b6c04208410a2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89d648c6aa4a3bbf08b974e37aef5d320c80e336ba365417c6285a2f2711b140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZN5MX8GJFYXF4G97Z6
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41905
cache-status: "Netlify Edge"; hit
etag: W/"cdf67233aa350887f94d408f802c7482-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba864e409974-FRA

GET
H2 200 790.d7dc94c2ef6f512f.js Show response
www.zscaler.com/_next/static/chunks/ 1 KB
840 B 168ms
168ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/790.d7dc94c2ef6f512f.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-c6b6c04208410a2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dc479230d1f930e663a76b0f7bca0ddfa9c553134b741283d2b9cf82323b9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZQSM5V4E0PM0VM5TN5
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41918
cache-status: "Netlify Edge"; hit
etag: W/"a1ea44e59828d3f7a982ea32905c6987-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba864e469974-FRA

GET
H2 200 6831.3072668993ea221f.js Show response
www.zscaler.com/_next/static/chunks/ 1 KB
752 B 169ms
168ms Script
application/javascript 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/6831.3072668993ea221f.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-c6b6c04208410a2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f51ff024361e3d2d11964a55b9b1b54e89e911b4d60199aa0b55b8b5a214dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZMM3V4CZ07S7RQRV68
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 41237
cache-status: "Netlify Edge"; hit
etag: W/"e6955a7112f40e9844da8900d4e701a7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba864e489974-FRA

GET
H2 200 image
www.zscaler.com/_next/ 35 KB
35 KB 93ms
92ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fshopping_for_malware.jpeg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/9024-2ea31d3800d271c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01e4b67bdfe8cd7832d8f19e193665f41abfb70265d695944e1eaed9b19100a2

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZRMF3J6AE4A4A2J1QK
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 42186
cross-origin-resource-policy: cross-origin
content-length: 35642
last-modified: Thu, 23 May 2024 20:13:14 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba864e4c9974-FRA

GET
H2 200 image
www.zscaler.com/_next/ 29 KB
29 KB 94ms
94ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fcorporate%2Fzscaler-blog-corporate-2%25402x_0.jpg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/9024-2ea31d3800d271c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191b1c26124fefdc8d60b595a42ff2170bd142d4873177c52ece80b2bdc8bb0c

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZNJ8G3VHXGNEYSASN7
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 42191
cross-origin-resource-policy: cross-origin
content-length: 29216
last-modified: Thu, 23 May 2024 20:13:09 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba864e4d9974-FRA

GET
H2 200 image
www.zscaler.com/_next/ 24 KB
24 KB 84ms
84ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fcloud-security%2Fzscaler-blog-cloud-security-2%25402x.jpg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/9024-2ea31d3800d271c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9eb211babae7bd099323d54132686bfd5f948edd5ec4931744529e9bff9ec37

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZT2V4FX0QCT88RY6YM
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 42187
cross-origin-resource-policy: cross-origin
content-length: 24909
last-modified: Thu, 23 May 2024 20:13:14 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba864e4f9974-FRA

GET
H2 200 image
www.zscaler.com/_next/ 32 KB
32 KB 73ms
72ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fphishing-spam%2Fphishing-spam-2%25402x.jpg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/9024-2ea31d3800d271c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

392136d90fb22aac0dce2b1a42dc0e6a2ca52814e33731421df26b195a624be0

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZNS8CW7AHT7VB9BBQ1
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 42186
cross-origin-resource-policy: cross-origin
content-length: 32596
last-modified: Thu, 23 May 2024 20:13:14 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba864e509974-FRA

GET
H2 200 forms2.min.js Show response
info.zscaler.com/js/forms2/js/ 199 KB
67 KB 247ms
111ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/js/forms2.min.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-7c8d262537cac334.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 2642
etag: "3209fe-31af8-616bbc873ed80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 888bba872d58bf6a-WAW
expires: Fri, 24 May 2024 11:56:21 GMT

GET
H2 200 fd7dd15c84aa557e.css Show response
www.zscaler.com/_next/static/css/ 97 KB
94 B 59ms
58ms Fetch
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/fd7dd15c84aa557e.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-7c8d262537cac334.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

041f82ff646428788fe9781595e94b9511ae6fcb128c05a7997178dcbee37208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKM0A81XAHSRJ4BZ3M1BY
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 19501
cache-status: "Netlify Edge"; hit
etag: W/"a3339c3189b536545eecac96e4c146d8-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba865e6e9974-FRA

GET
H2 200 0be1e8ac8270edef.css Show response
www.zscaler.com/_next/static/css/ 76 KB
156 B 57ms
57ms Fetch
text/css 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/0be1e8ac8270edef.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-7c8d262537cac334.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261f60a9345708c110143747569ffe8ed8d20f85425ab14a3d48d40eccab0d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKKZY2QSW154HH54DXWJQ
date: Fri, 24 May 2024 07:56:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
age: 42191
cache-status: "Netlify Edge"; hit
etag: W/"b9226db8323bcdf0e471564dfef7e2da-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 888bba865e719974-FRA

GET
H2 200 storage.html
117186981.intellimizeio.com/ Frame DD65 0
0 180ms
59ms Document
text/html 54.229.175.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://117186981.intellimizeio.com/storage.html

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.229.175.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-175-130.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.zscaler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 5622
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 07:56:21 GMT
etag: W/"15f6-i1JaE+2vqe5pqhYqt7p8ocnlnuI"
strict-transport-security: max-age=15552000; includeSubDomains
x-powered-by: Express

POST
H2 200 117186981 Show response
api.intellimize.co/context-v2/ 436 B
590 B 251ms
91ms Fetch
application/json 34.254.105.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.intellimize.co/context-v2/117186981

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.254.105.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-105-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2fd3939ef9fd148fc96240151cd770833fa013747788551540c6b2a363c0bf3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 clientlogger
log.intellimize.co/ 3 B
325 B 630ms
208ms Ping
application/json 35.80.246.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://log.intellimize.co/clientlogger

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.80.246.154 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-246-154.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 image
www.zscaler.com/_next/ 115 KB
116 KB 63ms
62ms Image
image/avif 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fphishing-spam%2Fphishing-spam-2%25402x.jpg&w=1920&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f4da05e82bc129a6ace5f9fe943f0b44bc1d1ec5a074ecedb59f8e57d0191b

Security Headers

Name	Value
Content-Security-Policy	,
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKM2FF5BXG3A3P73B9F91
date: Fri, 24 May 2024 07:56:20 GMT
content-security-policy: ,
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 7
cross-origin-resource-policy: cross-origin
content-length: 118251
last-modified: Fri, 24 May 2024 07:56:13 GMT
netlify-vary: query=url|crop|fit|fm|h|height|position|q|quality|timestamp|w|width
server: cloudflare
cache-status: "Netlify Edge"; hit
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba86df0a9974-FRA

POST
H2 200 117186981 Show response
api.intellimize.co/prediction/ 68 B
379 B 57ms
57ms Fetch
application/json 34.254.105.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.intellimize.co/prediction/117186981

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.254.105.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-105-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

27a89f92d0aed244a6e981ef7b25f83ad0268aee8519d70734f6ba0fd63d1a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 logger
log.intellimize.co/ 3 B
315 B 323ms
208ms Ping
application/json 35.80.246.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://log.intellimize.co/logger

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.80.246.154 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-246-154.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 logger
log.intellimize.co/ 3 B
324 B 323ms
209ms Ping
application/json 35.80.246.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://log.intellimize.co/logger

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.80.246.154 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-246-154.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 favicon-32x32.ico
www.zscaler.com/favicons/ 4 KB
4 KB 110ms
110ms Other
image/vnd.microsoft.icon 2606:4700::6812:1d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/favicons/favicon-32x32.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7eff4b4361c8058fbe407d9e1e0e14f425df85f01cd295f6e1ac1271a3ff6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HYMSKME6AXZ940T16G61BW0A
date: Fri, 24 May 2024 07:56:21 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 42141
cache-status: "Netlify Edge"; hit
etag: "5d00c0de27c65c78efe08fbcbcd851cd-ssl"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=0,must-revalidate,no-transform
accept-ranges: bytes
cf-ray: 888bba8929c19974-FRA
content-length: 4286

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
116 KB 163ms
77ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8dd816994e637150c564f7a3c2bac4c5868de946276ec73225303fffe27a498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118493
x-xss-protection: 0
last-modified: Fri, 24 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 07:56:21 GMT

GET
H2 200 getForm Show response
info.zscaler.com/index.php/form/ 6 KB
2 KB 106ms
106ms Script
application/javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.zscaler.com/index.php/form/getForm?munchkinId=306-ZEJ-256&form=7971&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&callback=jQuery371011985972580242077_1716537381140&_=1716537381141
Requested by: Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18ad96ea860ca62e73dd9b1161fafd6cd07d4f1ae5a7a035d67a31197df4f36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 888bba8a5b33bf6a-WAW
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 getForm Show response
info.zscaler.com/index.php/form/ 6 KB
2 KB 121ms
120ms Script
application/javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.zscaler.com/index.php/form/getForm?munchkinId=306-ZEJ-256&form=1944&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&callback=jQuery371011985972580242077_1716537381142&_=1716537381143
Requested by: Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b94d5b7578ae77bb91e2cd497560d71044dd8afb38d94935c3eea28b8efbc2b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 888bba8a6b37bf6a-WAW
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
107 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a412fa7f724c9353acc45eafc76d54f4948285d5799a3f2261d44a3e0fbbfea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 07:56:21 GMT

GET
H2 200 6635.js Show response
script.crazyegg.com/pages/scripts/0097/ 6 KB
2 KB 168ms
54ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87e9f3437f7fa81e1b66b4cb93c29f484582d836a80e52615b3a2e03b8434cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1182
cf-polished: origSize=6229
ce-version: 11.5.214
cf-bgj: minify
last-modified: Fri, 24 May 2024 07:36:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 888bba8bc9883815-FRA

GET tags.js
tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/ 0
0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 263ms
49ms Script
application/x-javascript 104.85.22.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.22.235 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-22-235.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 07:56:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 6934ae2b-4c76-4229-97d0-8f637b004b88.js Show response
j.6sc.co/j/ 4 KB
2 KB 183ms
40ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLuCr1hhLpJjZt0sFSB89FSJa4YqIrE7
content-encoding: gzip
date: Fri, 24 May 2024 07:56:21 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1178
pragma: no-cache
last-modified: Tue, 02 May 2023 17:36:47 GMT
server: AmazonS3
etag: "afb8c61166e7f50fe6d7ab7b6377733c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: XTYYinsEU3SGCFcvP5Fm5l8HlibXIaHbeXiH3CivlCbLHdFxadhv0A==
expires: Fri, 24 May 2024 07:56:21 GMT

GET
H2 200 1395e54b70b06b444656a2f40c135374.js Show response
ob.iseaskies.com/i/ 102 KB
38 KB 153ms
44ms Script
text/javascript 2600:9000:2090:c600:c:d449:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:c600:c:d449:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 175c3dfbf0f0638d29f1688934355fd6869729d088edd8b2915325eab2bacb09

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:02:12 GMT
content-encoding: gzip
via: 1.1 bf57ce1929fb438631e46b2c83b05e2a.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: AMS58-P1
age: 35777
etag: "19850-GU/Co96elftwDNfkeAY94ng1br8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38192
x-amz-cf-id: nIsSdgCsqMBv0cVQuH8X6krrGS_6m_ivDJdyFt_YYEOCqxhA6VdCAQ==
expires: Fri, 24 May 2024 10:00:04 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
27 KB 154ms
46ms Script
text/javascript 2600:9000:2644:9000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54034a97c2cd2fd617136446cef1993cfef5937fe2896ee7e4bd569cd18c94e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: e6sYwBOpzRqd5bOAndACb6fCQ4ER0PM6
Content-Encoding: gzip
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Date: Fri, 24 May 2024 07:34:18 GMT
Age: 1324
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 21 May 2024 20:50:40 GMT
Server: AmazonS3
Etag: W/"da9bcd3341c4a1872c566741252e0d5f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: AjlQiDBHLpSpoVE6Y8V_6PDmSNWp_1SPTRAOEgTtQMBIde13co6eSQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 137ms
40ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=42748
accept-ranges: bytes
content-length: 16683

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 274 KB
92 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-812494211&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

841c81000f832a0b4efad511c4c2f87fba465a4d3900b43c987a6170e05c1e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93839
x-xss-protection: 0
last-modified: Fri, 24 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 07:56:21 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 172ms
65ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 24 May 2024 07:56:20 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47103E8C8A8A4BC9A434D66F09C1BF04 Ref B: FRA31EDGE0805 Ref C: 2024-05-24T07:56:21Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8541430&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

841d15e5ea21c93e4a1978363cb801485e15cf766a3fca75cdab03fa9360ad38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74192
x-xss-protection: 0
last-modified: Fri, 24 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 07:56:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 133ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 07:56:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: A2Flm4hq1qUM3byBJpp/GqTtOsOz59qaLwaRXvFW9/BzhORvWM6OaIU+nWleh7wTpNetO/Ysn9ykKqzSl3/ekA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 197ms
89ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 58000
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 888bba8cbeea1c20-FRA
expires: Fri, 24 May 2024 08:16:21 GMT

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 121ms
63ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
x-amz-version-id: 4TVPkf0eH3kVl0Vjj3KPZI_FUiecs6et
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 116bbd3369f3a47b2d68a49a57fa7b40.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW51-P3
age: 15422
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 06:37:27 GMT
server: cloudflare
etag: W/"5c7228fc2640a4dfce48217428980fe3"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 888bba8c8a9434f1-WAW
x-amz-cf-id: SZtkCXMyn9YDJQGl9FapOVDq58FV7KpPR8FcfueWyvacryxtq9qMWg==

GET
H2 200 fullcircle.js Show response
d2i34c80a0ftze.cloudfront.net/ 32 KB
11 KB 134ms
43ms Script
application/json 2600:9000:275b:d000:9:14eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275b:d000:9:14eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa2b8282a1438a0e53971aa29a5c54f2911a3cb79b44cc20f8521ead150c458f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 19:26:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront), 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-C1, FRA60-P7
age: 44963
x-amzn-requestid: 39a416ed-1f43-461e-9347-7e8d3da09563
x-amzn-trace-id: Root=1-664f9881-363246b407dd9e3e2f55ef68;Parent=68146f14fcdd7d38;Sampled=0;lineage=be50798f:0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: YPTEWFRzvHcENLg=
x-amz-cf-id: tlpYaoCZzmrAZBBFvKW5dDdmErKxjJxTOpPETHu1MV3eklc56QvQmg==

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 18 KB
18 KB 140ms
40ms Script
text/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:50:27 GMT
age: 354
x-guploader-uploadid: ABPtcPqmzpaThKvoFRKBGAE9Tou9vYCH18mO4aqZ4TBOjtm0by9P4TKzmb-c0BNzzWQD-SKl8DuSJIdtlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17985
last-modified: Tue, 14 May 2024 14:35:47 GMT
server: UploadServer
etag: "d7cac522641241ca4e9ceac4f1b458e8"
x-goog-generation: 1715697347359123
x-goog-hash: crc32c=Q65p8w==, md5=18rFImQSQcpOnOrE8bRY6A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 17985
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 24 May 2024 08:50:27 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 135ms
40ms Script
application/x-javascript 18.239.67.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.67.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-67-100.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 06:47:17 GMT
Content-Encoding: gzip
Via: 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 May 2024 07:02:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P4
Age: 4145
x-amz-server-side-encryption: AES256
ETag: W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: e5lzzyTmBUtTdoPxx-jk4C9v6RlTNnL4U8K1VBwhrD9mVAkkjqn4Fg==

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 25 KB
7 KB 496ms
123ms Script
application/javascript 34.238.149.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cb=80316830038521390term=value
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-149-65.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: d052d754144719babc265dfb8b97e09ba7ce7c44047713b5f593018464d909d8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 forms2.css
info.zscaler.com/js/forms2/css/ 13 KB
3 KB 115ms
114ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/css/forms2.css

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 2641
etag: "3209f6-3437-616bbc873ed80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 888bba8b5d1cbf6a-WAW
content-length: 2623
expires: Fri, 24 May 2024 11:56:21 GMT

GET
H2 200 forms2-theme-round.css
info.zscaler.com/js/forms2/css/ 4 KB
1 KB 93ms
93ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/css/forms2-theme-round.css

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 2641
etag: "3209f5-e46-616bbc873ed80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 888bba8b5d23bf6a-WAW
content-length: 968
expires: Fri, 24 May 2024 11:56:21 GMT

GET
H2

200

activityi;dc_pre=CKntkofopYYDFdhRkQUdtusL2w;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fne...
8541430.fls.doubleclick.net/ Frame 04AC
Redirect Chain

https://8541430.fls.doubleclick.net/activityi;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2F...
https://8541430.fls.doubleclick.net/activityi;dc_pre=CKntkofopYYDFdhRkQUdtusL2w;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler....

0
0

76ms
75ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8541430.fls.doubleclick.net/activityi;dc_pre=CKntkofopYYDFdhRkQUdtusL2w;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques;ps=1;pcor=1876113489;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z871607006za201zb71607006;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8541430&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.zscaler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 May 2024 07:56:22 GMT
expires: Fri, 24 May 2024 07:56:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 May 2024 07:56:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8541430.fls.doubleclick.net/activityi;dc_pre=CKntkofopYYDFdhRkQUdtusL2w;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques;ps=1;pcor=1876113489;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z871607006za201zb71607006;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-tr...
ad.doubleclick.net/ 0
23 B 171ms
77ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=8541430;type=zscal00;cat=zscal0;ord=5949291039242;npa=1;auiddc=713005968.1716537382;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques;ps=1;pcor=1876113489;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z871607006za201zb71607006;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"15114454266698083389"}],"aggregatable_trigger_data":[{"filters":[{"14":["94252198"]}],"key_piece":"0x4158b2e51a602d93","source_keys":["12","13","14","15","16","17","18","19","20","21","14961884","14961885","14961886","14961887"]},{"key_piece":"0xcbf3423bbfaa4802","not_filters":{"14":["94252198"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","14961884","14961885","14961886","14961887"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"14961884":655,"14961885":655,"14961886":655,"14961887":63569,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15939259455562463268","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"source_type":["event"]},{"14":["94252198"],"24":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"23":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"0"},{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"25":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"2"},{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"26":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"3"},{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"27":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"4"},{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"28":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"5"},{"deduplication_key":"15114454266698083389","filters":[{"14":["94252198"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15114454266698083389","filters":[{"source_type":["event"]},{"23":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15114454266698083389","filters":[{"24":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"1"},{"deduplication_key":"15114454266698083389","filters":[{"25":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"2"},{"deduplication_key":"15114454266698083389","filters":[{"26":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"3"},{"deduplication_key":"15114454266698083389","filters":[{"27":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"4"},{"deduplication_key":"15114454266698083389","filters":[{"28":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"5"},{"deduplication_key":"15114454266698083389","filters":[{"29":["94252198"],"source_type":["navigation"]}],"priority":"0","trigger_data":"6"},{"deduplication_key":"15114454266698083389","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8541430"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 135ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532z871607006za200zb71607006&_p=1716537381293&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381623&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&up.clientid=(not%20set)&up.debug_info=form_ids%3D()%26onetrust_id%3D(3e894970-e3e9-4783-85e9-7c38eedbfbbf)%26gtm_id%3D(GTM-5SLZFK)%26gtm_v%3D(503)%26debug%3D(false)&tfd=2588
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 147ms
48ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-10SPJ4YJL9&cid=1653881855.1716537382&gtm=45je45m0v883639532z871607006za200zb71607006&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 99ms
50ms Image
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-10SPJ4YJL9&cid=1653881855.1716537382&gtm=45je45m0v883639532z871607006za200zb71607006&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1674559742

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET attribution_trigger
px.ads.linkedin.com/ 0
0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1716537381863%26url%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=tr...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=t...

0
267 B

395ms
284ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=true&liSync=true&e_ipv6=AQLmWpC03xpvwAAAAY-pmdkkdYUXiOs10fav0Apb35XbN67At5tfwEYO7Jfc5OJGX7AxIRM
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 24 May 2024 07:56:23 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6DEA202F706D416CBA53FD1426087BEB Ref B: DUS30EDGE0707 Ref C: 2024-05-24T07:56:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYZLoD9HWYLVxn4rc+B3g==

Redirect headers

date: Fri, 24 May 2024 07:56:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 93FBE54DD4304D969B7A27A83DA4CC44 Ref B: FRAEDGE1218 Ref C: 2024-05-24T07:56:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cookiesTest=true&liSync=true&e_ipv6=AQLmWpC03xpvwAAAAY-pmdkkdYUXiOs10fav0Apb35XbN67At5tfwEYO7Jfc5OJGX7AxIRM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYZLoD4GdnyCoIqET/7/A==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 77ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532z871607006za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381601&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_js&ep.event_label=(not%20set)&_et=3&tfd=2650
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 76ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532z871607006za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=3&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381872&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=7971&_et=54&up.clientid=1653881855.1716537382&up.debug_info=form_ids%3D(7971%2C1944)%26onetrust_id%3D(3e894970-e3e9-4783-85e9-7c38eedbfbbf)%26gtm_id%3D(GTM-5SLZFK)%26gtm_v%3D(503)%26debug%3D(false)&tfd=2653
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XDFrame Show response
info.zscaler.com/index.php/form/ Frame 2EBE 2 KB
897 B 196ms
196ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/index.php/form/XDFrame

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02ef3d4346add95520307127e5cbfbd7b9da8697720a7c9046d44188bd19d1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.zscaler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 888bba8cff5bbf6a-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 07:56:22 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=4&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=marketo_form_view&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381872&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=7971&_et=1&tfd=2672
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 52ms
51ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532z871607006za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=5&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381895&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_ready&epn.event_label=7971&_et=17&tfd=2684
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532z871607006za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=6&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381906&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=1944&_et=8&tfd=2686
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger
px.ads.linkedin.com/ 2 B
961 B 274ms
223ms Image
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYZLoDm/lSWziVfodYwoA==
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6524281DFD8240A0ACEE2F0C45F25D3E Ref B: FRAEDGE1218 Ref C: 2024-05-24T07:56:21Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 0006192e80e6fe5496ce255fa1d630a0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=7&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=marketo_form_view&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381906&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=1944&_et=8&tfd=2695
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.zscaler.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6635/site/ 96 KB
10 KB 139ms
55ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6635/site/www.zscaler.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744deafbbd06622b914865ace9fcb22228d456c004e39127c22cb29de2f1b46c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1145
ce-version: 11.5.214
content-length: 9747
last-modified: Fri, 24 May 2024 07:37:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba8dad0ba025-FRA

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

57ms
40ms

Script
application/javascript

2600:9000:2644:9000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2644:9000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Fri, 24 May 2024 06:32:32 GMT
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Age: 5034
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yUU8KatgEfd0H068hAu-WOJHIzEBDYKafFn4RMakMU7csRCcLDu_Bw==

Redirect headers

Date: Thu, 23 May 2024 17:27:37 GMT
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Age: 52123
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4PSYnL7bG1cmjAWCvwlpw-SHyELuU28FXN89TR7yIiOQstbZG6WAVQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/ 0
809 B 65ms
40ms Script
text/javascript 2600:9000:2644:9000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: uXQKGwnbgIjUqHCfCNSs9v9RR.K4vQXu
Date: Fri, 24 May 2024 06:57:00 GMT
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Age: 3588
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 20 May 2024 11:51:38 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9DeMICiJmNkc-ADCJCBWvpxWzLTNaiwlfLoRvikurXG7rPORgdb_JQ==

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 40ms
40ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2024 06:01:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "663c66b5-106b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18038
expires: Fri, 24 May 2024 07:56:21 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 145ms
60ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 888bba8ded893650-FRA
access-control-allow-headers: Content-Type

GET
H2 200 295014050.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 70ms
69ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/295014050.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e132bc877dade68a5609e803549d6cead1c132d310dcc037de34d87fe00c5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 24 May 2024 07:56:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34234BA4A5F848A991E165F65AE19DAA Ref B: FRA31EDGE0805 Ref C: 2024-05-24T07:56:21Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 199 B
552 B 198ms
198ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9f9d3b48b612b238a692d0b79f0b5a28e0ec4710c36660399493535a653b7133

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer e6609b6e9a1669129391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.zscaler.com/
visited_url: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
via: 1.1 be10e6b765bbef9faac0617fa874014e.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P5
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: YRA2EhcbvHcEPpg=
server: cloudflare
etag: W/"c7-xi10tzjMapmqELKYElGVQh5cyrE"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 888bba90ad334541-TXL
x-amz-cf-id: jamjpqMxee2_9jSpYUbBpWNHTRp4WJoqpV6QdizH2t9J932PZJOaAA==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 522ms
480ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: YRA2ChauvHcEP-A=
cf-cache-status: DYNAMIC
cf-ray: 888bba8dad8e4541-TXL
date: Fri, 24 May 2024 07:56:22 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 be10e6b765bbef9faac0617fa874014e.cloudfront.net (CloudFront)
x-amz-cf-id: ZanepidHBXtI61l9LUEURVH04GznB4Dv3NaD5Z_FLgj2aPALVFlMgg==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-powered-by: Express

OPTIONS
H2 200 create
st.fullcircleinsights.com/v1/visitors/ Frame 0
0 565ms
442ms Preflight
application/json 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-128.ams58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: js-version,origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.zscaler.com
content-length: 1
content-type: application/json
date: Fri, 24 May 2024 07:56:22 GMT
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-apigw-id: YRA2DG85PHcEtjA=
x-amz-cf-id: FN235pngkmPfIaYG8FzSipDfKyXric9iA_o6aZb0a-w68PMizo7JnQ==
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 1ef04cfa-b80a-43b2-a19c-88ffa350508c
x-cache: Miss from cloudfront

POST
H2 200 create Show response
st.fullcircleinsights.com/v1/visitors/ 1 KB
2 KB 494ms
493ms XHR
application/json 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://st.fullcircleinsights.com/v1/visitors/create

Requested by

Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-128.ams58.r.cloudfront.net

Software

Resource Hash

f9562e4c4664827ed559d5ef9dfe0e487da03c6b5b41e820e97ad6468459c9ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
js-version: 1.0.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
origin-fci: https://www.zscaler.com
Referer: https://www.zscaler.com/
x-api-key: qJ5ZUG1BW44UIJbuBg8oP93ofs3xOFTZ7XFCqaSv
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 9047e21f-a895-4a23-be67-321a3720a7d0
x-amzn-trace-id: Root=1-66504826-38aa7a04253aa293441e735a;Parent=40a73782d38f71eb;Sampled=0;lineage=7c392b7c:0
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
x-amz-apigw-id: YRA2HFwPPHcEeQA=
content-length: 1533
x-amz-cf-id: lMsGtK3WszLa11oHufL0Rg4Q01Fm749N5gG4t2eL-J_fdDEo36ePNQ==

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
450 B 149ms
145ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1716537382007&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 2334982
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPrisPlpUnLAP8GR9NXGr1UY21dEZLn_u-7MdVYcD_dKfEzqhdURQDOESfAEPsaw7vwtnZs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Fri, 24 May 2024 08:56:22 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 238ms
139ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1716537382007&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 24 May 2024 07:56:22 GMT
expires: Fri, 24 May 2024 07:56:22 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPr9ltw73H37gf2bdNDfbN0QOqjvABA33YvxRLmx5ox4NlaxjqrrAlUlHWdjlY7cNUbD01o

GET
H2 200 1778897272132032 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 184ms
183ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1778897272132032?v=2.9.156&r=stable&domain=www.zscaler.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8841d03ea3af875853225b0dcb36d0e7d20ba2388d73356770440ae95bf1e1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 07:56:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=65, mss=1294, tbw=63389, tp=-1, tpl=-1, uplat=142, ullat=0
pragma: public
x-fb-debug: Fwtv3/9C9toUNPorrtiJYlV3/dZSOd9zWziFf35Zzo0R1UBKM2uLMTF1r7KwGTDt3MMNm/Y0wajWbo9LLEjqoA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 329ms
159ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 07:56:22 GMT
function-execution-id: 1iknqqwp9g4p
server: Google Frontend
x-cloud-trace-context: 0fa957a30c6de7b35a7d6b6a322eee40

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
122 B 203ms
201ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 189c63832ed675829057d362abd13f7c
cache-control: private
function-execution-id: yu01nsp3wbd3
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ct Show response
obs.iseaskies.com/ 4 KB
1 KB 523ms
255ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/ct?id=60409&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1716537382063&hl=2&op=0&ag=1628997315&rand=547291678569277808208007562700710476863111662596769659711011031606852209105111979972&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk1ODFdLFsiYWJuY2giLDE2XSxbLTI2LCJ7XCJ0amhzXCI6MzkyODQ0OTgsXCJ1amhzXCI6MjY0MjEzODYsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yNSwiLSJdLFstNjUsIi0iXSxbLTE2LCIwIl0sWy0zMywiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJrZXl3b3Jkc1wiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCJdfSJdLFstOCwiLSJdLFstMzgsImMsLTEsLTEsNzk2LDAsMjQsMCwwLDg2LDQ1MiwtMSwwLDE0MjkuNywxOTcxLjUsMjc1MSwyNzUyIl0sWy01MiwiLSJdLFstMSwiLSJdLFstMTAsIi0iXSxbLTQ4LCIwLDAiXSxbLTI4LCJlbi1VUyxlbiJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTIxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy03LCItIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaV1d4ZFFTbHhZU2xKUVhFb1hXbFpVRmxBV0NBb0FERndNRFZzT0NWc0pEMXNORFEwUERBOVlDMThOQ1ZvSUNnd0tEZzBYVTBvRENBTVBEZ3NBRHhBPSJdLFstMTIsIm51bGwiXSxbLTUxLCItIl0sWy0yMywiKyJdLFstNTgsIi0iXSxbLTYyLCI4MCJdLFstNjQsIlswLFwiV2luMzJcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTI1XCJ9LHtcImJcIjpcIk5vdDpBLUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMjVcIn1dXSJdLFstNjcsIi0iXSxbLTEzLCItIl0sWy0xNywiMTIiXSxbLTM0LCItIl0sWy00MSwiLSJdLFstMiwiNixlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRwb1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6Y3VTQVBKL0d0Il0sWy00MCwiMzMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNTAsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTU5LCJkZWZhdWx0Il0sWy05LCIrIl0sWy00NCwiMCwwLDAsNSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTIwLCIxNjUzODgxODU1LjE3MTY1MzczODIiXSxbLTMxLCJmYWxzZSJdLFstMTksIlsxMTcwLDExODAsMTE3MCwxMTgwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTI5LCItIl0sWy00OSwiLSJdLFstNjgsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE1LCItIl0sWy01NSwiMSJdLFstNDUsIi0iXSxbLTYsIi0iXSxbLTI0LCJbXSJdLFstMzIsIi0iXSxbLTUzLCIxMDAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI4NzI4OTkzMjBcIixcIjkwMTk4MjQzMVwiLFwiMTE3NDk4OTU1OVwiXSxcImRcIjpbXSxcImJcIjpbXCJfMVwiLFwiMjQyNTY2NTQwMVwiXSxcInNcIjoxfSJdLFstMjcsIls1MCwxMCwwLFwiNGdcIixudWxsXSJdLFstNCwiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLGNvbXB1dGVwcmVzc3VyZSxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsYXR0cmlidXRpb25yZXBvcnRpbmcsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstMzAsIltcInZcIiwwXSJdLFstNSwiLSJdLFstNjMsIjAiXSxbLTM1LCJbMTcxNjUzNzM4MjA1MywtMl0iXSxbLTE0LCItIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbImJuY2giLDEyMF0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUtREUsbGF0bixncmVnb3J5Il0sWy02MCwxODddLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFsiZGRiIiwiMCw2LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMiwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDEsMSwwLDAsMCwwLDEsMCwyLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMiwwLDYsMSwwLDAsMCwwLDAsMCwxIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDcsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw2LDAsMCwwLDAsMCwwLDEsMSwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=mderLxOags&pto=2838&ver=59&gac=1653881855.1716537382&mei=&ap=&fe=1&duid=1.1716537382.OkeYub1eRMPyhyeL&suid=1.1716537382.7PqtWxnB7zOLFGuU&tuid=1.1716537382.F2ikfuRXwyZe7V50&fbc=-&gtm=WyJta3RvX2Zvcm1fanMiLCJ6c2NhbGVyQmxvZ0F1dGhvcnMiLCJta3RvX2Zvcm1fcmVuZGVyZWQiLCJta3RvX2Zvcm1fcmVhZHkiLCJuZXh0cm9sbC1yZWFkeSJd&it=106%2C2369%2C186&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=1c766e3019a311efba944d906184b52a&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a69de5e17bedb8dccd816b87f8602e97ea48c3160a70a183a2ca0804dedbc619

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1202
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ULSJHTPGTZGY3EPPZSKHKS Show response
d.adroll.com/consent/check/ 531 B
624 B 208ms
55ms Script
application/javascript 2a05:d018:cc3:fe05:d9d0:22f3:56d4:e17a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ULSJHTPGTZGY3EPPZSKHKS?pv=76786813426.03601&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&_s=58ca23cb14582d9c15e17cd849ccd231&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:d9d0:22f3:56d4:e17a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 26ccef7de6e2531d69dc022399a438b3fdc284eb9354118801c80bc33dc79601

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
server: nginx/1.22.1
content-length: 531
content-type: application/javascript

GET up
insight.adsrvr.org/track/ Frame FD9C 0
0

GET
H2 200 e5507cc921bdb5250cc380247d78c91a.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 95 KB
31 KB 59ms
58ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:00 GMT
server: cloudflare
age: 149845
cf-polished: origSize=97322
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 888bba8e2c513815-FRA

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
698 B 163ms
66ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
an-x-request-uuid: d38d4072-b888-4d72-b892-471b4ceaafdc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zscaler.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.100; 80.255.7.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 60ms
40ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.zscaler.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
308 B 186ms
40ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d5792801335f11b32a948d51b64bb655b16f8767f5837f2be4c406715994752f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.zscaler.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::7
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1716537382162_388391900_48832745_20_854_40_88_219";dur=1
content-length: 19
expires: Fri, 24 May 2024 07:56:22 GMT

GET 295014050
www.clarity.ms/tag/uet/ 0
0

GET
H2 200 forms2.min.js Show response
info.zscaler.com/js/forms2/js/ Frame 2EBE 199 KB
0 0ms
0ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/js/forms2.min.js

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://info.zscaler.com/index.php/form/XDFrame
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 2642
etag: "3209fe-31af8-616bbc873ed80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 888bba872d58bf6a-WAW
expires: Fri, 24 May 2024 11:56:21 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 54ms
54ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 50107
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba8e5d8d37d2-FRA

GET
H2 200 www.zscaler.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6635/sampling/ 154 B
237 B 55ms
55ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6635/sampling/www.zscaler.com.json?t=476815
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ad71c4da529296d03cc2007a11a3d22ed57fe19276d923e5afda6e4e1ab8f7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1144
ce-version: 11.5.214
content-length: 145
last-modified: Fri, 24 May 2024 07:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 888bba8e9e8ca025-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 132ms
39ms XHR
application/json 13.35.58.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 a7089858ca46e4593c8301dd0b1a2cd2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 21363175
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: Ro-zsLQk13KIsEpa3t3oulKohuleUgBPXEZ-f9uMd5Ep9uPBAh06qQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 132ms
40ms XHR
application/json 18.66.122.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 13501974
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: NB27fklR6YHhdA9mhkll2Frr4kl0jlnrugt56W_Mi1vQrBbbwh7FYQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 231ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:22 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 229ms
202ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22ab9750bca4342498694e239e304dd3a9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221dc729230d6b8d19bab5e6236d81f60c4dca0823%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%226934ae2b-4c76-4229-97d0-8f637b004b88%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:22 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 232ms
207ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A7%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:22 GMT

GET
BLOB 200
OK e114b904-6c0e-496d-8be6-2f4efed53e70
https://www.zscaler.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/e114b904-6c0e-496d-8be6-2f4efed53e70
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 725 B
707 B 117ms
44ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 1dc729230d6b8d19bab5e6236d81f60c4dca0823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
X-6s-CustomID: WebTag 6934ae2b-4c76-4229-97d0-8f637b004b88
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 7783435918384070739
date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.zscaler.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 119ms
42ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.zscaler.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Fri, 24 May 2024 07:56:22 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 1111750789240935990

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/7e39d72d-1927-46f7-a0e0-f2afc442f33f/ 126 KB
28 KB 77ms
77ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/7e39d72d-1927-46f7-a0e0-f2afc442f33f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23f53e414e418ba0b70cf9106982d493e4d3554fc1929533737d4f595f89f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 58289
content-md5: SCNd+VjPycUxIbADx7mHRw==
content-length: 28323
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 06:34:28 GMT
server: cloudflare
etag: 0x8DC53A81D372E47
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1bb92dbc-e01e-0035-80d1-9b5ae3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba8fd942bb86-FRA
expires: Sat, 25 May 2024 07:56:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 126ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1778897272132032&ev=PageView&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&rl=&if=false&ts=1716537382380&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716537382376.1387666438&cs_est=true&ler=empty&cdl=API_unavailable&it=1716537382023&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 May 2024 07:56:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 260ms
174ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1778897272132032&ev=PageView&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&rl=&if=false&ts=1716537382380&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716537382376.1387666438&cs_est=true&ler=empty&cdl=API_unavailable&it=1716537382023&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3b296dc5458c63f9","source_keys":["1","2"]},{"key_piece":"0xd6ce7ed1eabafdd5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 24 May 2024 07:56:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=3089, tp=-1, tpl=-1, uplat=134, ullat=0
pragma: no-cache
x-fb-debug: vz/j7mjPrIjn+xacWyo54d/POHEweLv6pOXXauqq7/5SL+A/vQMwIWK2DUci2rhoRLsLC/A8zPM1WbqMU7fXzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK is Show response
3.212.39.155/ 32 B
437 B 476ms
123ms Fetch
text/plain 3.212.39.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://3.212.39.155/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cb=80316830038521390term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.212.39.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-39-155.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 1566c9b856874c959dc25daf6d8ed3feb67b6ae555a541c11c51a3b176dce192

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
BLOB 200
OK 9b3c36a8-0d4c-4c8a-8d2f-bd4a6e7ab953
https://www.zscaler.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.zscaler.com/9b3c36a8-0d4c-4c8a-8d2f-bd4a6e7ab953
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 13 KB
3 KB 52ms
52ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KLWFssuowJEtDumTaVZD/A==
age: 57764
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
server: cloudflare
etag: 0x8DC497526A04834
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3a650741-801e-007e-6dd1-9ba6b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba908a4ebb86-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 5 KB
2 KB 54ms
53ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: k7yGPxSf903pvrcZkZ/tnw==
age: 60041
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:30 GMT
server: cloudflare
etag: 0x8DC497527AB27B4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4bf9e8d1-801e-00a5-22d1-9b608d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba908a50bb86-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 56ms
56ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 10163
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5e879149-f01e-0016-51d1-9bc020000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 888bba908a53bb86-FRA

GET
H2 200 clock Show response
tracking.crazyegg.com/ 38 B
145 B 218ms
78ms XHR
text/plain 54.195.89.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1716537382464&tk=80f93ae68d664369d14c6654f4ff8042&s=366477&p=%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&u=976635&v=ac456e04e7c7499bb48d3167eaf11066309d5e78&f=zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ul=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/e5507cc921bdb5250cc380247d78c91a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.89.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-89-156.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 1143416a787e837ca6b042f0cfdd90f6575d165accdb579a0c1d47da9bdbcc2d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 24 May 2024 07:56:22 GMT
cache-control: no-store
server: awselb/2.0
content-length: 38
content-type: text/plain

GET
H2 200 zscaler-variation-icon-white.png
cdn.cookielaw.org/logos/0ab9c0b7-247a-4ae1-b653-bc1c2e1efb99/018e5a48-f85f-7774-95d7-08faa6aa3c7b/12ee0f04-1958-4b33-a1d4-12aaee5a0f25/ 1 KB
2 KB 55ms
53ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/0ab9c0b7-247a-4ae1-b653-bc1c2e1efb99/018e5a48-f85f-7774-95d7-08faa6aa3c7b/12ee0f04-1958-4b33-a1d4-12aaee5a0f25/zscaler-variation-icon-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4e274c5793e7cd62cb67e2630278ef4a470b4baa35cb3b42e145717faed336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 May 2024 07:56:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AjwaatmEihRgIitZTQhd5w==
age: 84938
content-length: 1448
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:22:44 GMT
server: cloudflare
etag: 0x8DC4977B36FCFB2
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 11b1ed99-101e-008a-538e-7b6232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 888bba91693f37d2-FRA

GET
H2 200 tc_imp.gif
obs.iseaskies.com/tracker/ 43 B
79 B 120ms
120ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.iseaskies.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126be8c236ed44829f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5811896d2e17071a10acf9f29f674f8bd680062b6a1ffa7d7e03833bdb6b95066353229750540c60555e97bc6c1c77be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63fbb2807ff7ecaa8556d8e0e3143714493d60264f260b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7918677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1d16f6643dfe934761b8dcfa21d905aa4eba834cca4c9fc92a976934939f24da778cc0b6a69de5e11c28f227aaa9bf6b0d26b6c13bd4f002f04f591e901a1d9b9a92c9c2f28220842bdd91f88876e3796a79957f2a83849a583c9ff874ba06e4834c9c3aa37a570446c63dae07d7cbab30ae973fcb1af6c0dfd761c15e506eec55195f315f79c6a66fbf56c3cb9664ebde63fad07489cca9ee7a8ca1ea532626d9b8050a9bb6490242d2cba27ab66888e05df3f26be36eaa358941964181fd7e854f65f6a48074232d335b38014e05b6f3d23d945be0140a1a76a6a645cdc60a10ecef8ec9e03597b3a085d2eaa5e34a4939f84f8eb7516b865d641cd66558726bf573ad6405d0bd9310d639827bcfd278dfb21f84691333625e6e19f7c3e7d22078579c044c95d3d8a7b9ca530682b9bd7d94d3727bd8d2122068f991d9553db627855f9906e23f9b12dcd412f8ba32ea8789d2984462f3e13b638177ba8cb0ab159e70351605906e5f51b1a35b88f015ca999ec848ce9b9a3006345ba33eac0cb648b3826d8a2f402741266079e15b929c3555bd02dcb5a170809b5f866672b1107b2d99edd20d59e673ebf14b8f6e74524be95951e2e68f219e2b2c869750e48689ed8a50db43542514f47226559f980e42bd5ca6baa665d1a1eb442200d41d656d16d30514a3c0ba0a1b82636fd2908647ccd7bdcc5120a446b95e3100892c4b389cba5146edd3e3c4fea051a16cb464be48dd9d4080b4ea2137f3941493daefce9ba087896d1dd2847002c260cc18975ffdf67ffd8ddfdf72b18fc9eabb1b2a86ebe7e2518109dd100468116bc38c2b768127f857d59624f2547bb37f54cf2ca1d13c27f025621b469ffdc43fda980d606b4d2ccccd8cf980229415baac333f8a904f4b72011b6560b078eaa52c45f4f18199a7f3eb&cri=mderLxOags&ts=559&cb=1716537382623
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Fri, 24 May 2024 07:56:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK abfd6b54-3480-4fb0-b5dd-db7bbc1cdc8e
https://www.zscaler.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/abfd6b54-3480-4fb0-b5dd-db7bbc1cdc8e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f891b3805153ab80f237d2e3411717f908a7c0138652da4b337e370130e4630

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK fb5e6113-bdcf-4291-abee-6a285ed71e76
https://www.zscaler.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/fb5e6113-bdcf-4291-abee-6a285ed71e76
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 242c367526c45b386dd4abba948c86884f552d35f7042efaea529bd7319359e3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 54ms
54ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:14 GMT
server: cloudflare
age: 149847
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 888bba9219bf3815-FRA

GET
BLOB 200
OK ff0d2b1a-805c-4146-9dcf-33346c506fb5
https://www.zscaler.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/ff0d2b1a-805c-4146-9dcf-33346c506fb5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275154b0a4aeea0253e28402a34f5572b58fd5d34a0cb04b9ec335409ec9bb7f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/ Frame 0
0 301ms
247ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.zscaler.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 888bba926c083486-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 07:56:22 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 90 KB
27 KB 161ms
98ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1082
x-guploader-uploadid: ABPtcPrJ5uERHB_O5jovcXE1dW465tAo8R6I-4kpj28OyzRqHdX8ap5hTTtEy2ViFCi0noZ5oW0ciUFgqw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 10:14:37 GMT
server: cloudflare
etag: W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash: crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation: 1715854477710382
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91778
cf-ray: 888bba927e8335a8-WAW
expires: Fri, 24 May 2024 08:38:20 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/ 3 KB
2 KB 354ms
303ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

edb554b36dfa8100119f936afd57f0e9674771a8ff4b2a0e714d836b57c658ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Referer: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
_vtok: ODAuMjU1LjcuMTAw
_zitok: 2776dfe26ff82256a1df1716537382
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.zscaler.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 888bba944b3d356c-WAW

GET
H2 200 bd3cf4fdad82d5b7119c9bb8c5d92327.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 92ms
91ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/bd3cf4fdad82d5b7119c9bb8c5d92327.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:22 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 May 2024 17:35:11 GMT
server: cloudflare
age: 149844
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 888bba926a5f3815-FRA

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 866ms
215ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1653881855.1716537382&shpt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221653881855.1716537382%22%2C%22shpt%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%2C%22dcm_cid%22%3A%221653881855.1716537382%22%2C%22mntnis%22%3A%2264G2CUm1ZJ7qzvHBnDM%2FcK2544cUrqfq%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A3%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1653881855.1716537382&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cb=80316830038521390term%3Dvalue&shoid=%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&shadditional=language%3Den%2Cgoogletagmanager%3Dtrue%2Cadroll%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cb=80316830038521390term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 4b5a6114687b10c9f391b3f07506359b39001dbdde631c4f9b1b9c3465df5bc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:23 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 205ms
205ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.zscaler.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 888bba93feb23486-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 07:56:23 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 321 B
618 B 205ms
204ms Fetch
application/json 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7b2a1e7ec66641ad958a36774552cc40712f052e2db6542cacc01fd2dbcde58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 370c892e688e1744cd312ed1426b3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"141-mLq6O+j3ZcyvZxAx4AvrvpOh24w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zscaler.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 888bba954cf4356c-WAW

OPTIONS
H2 200 queue
st.fullcircleinsights.com/v1/visits/ Frame 0
0 442ms
441ms Preflight
application/json 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-128.ams58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: js-version,origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.zscaler.com
content-length: 1
content-type: application/json
date: Fri, 24 May 2024 07:56:23 GMT
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-apigw-id: YRA2MHbXPHcEMHw=
x-amz-cf-id: c8917F94ICMcS0l3S3GeNjYePxnthkXE80No_DfaDvnokRodnpuwBg==
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 82ec85c8-1caf-48b5-8789-da8d8f1815e7
x-cache: Miss from cloudfront

POST
H2 200 queue Show response
st.fullcircleinsights.com/v1/visits/ 2 KB
3 KB 618ms
618ms XHR
application/json 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://st.fullcircleinsights.com/v1/visits/queue

Requested by

Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-128.ams58.r.cloudfront.net

Software

Resource Hash

9c57baa805280b30224dfa39c6ec2de8d4c9b82ee127eaa905c43637e96b5094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
js-version: 1.0.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
origin-fci: https://www.zscaler.com
Referer: https://www.zscaler.com/
x-api-key: qJ5ZUG1BW44UIJbuBg8oP93ofs3xOFTZ7XFCqaSv
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
x-amzn-requestid: 64d4336b-e480-4007-9929-a86e4252f04e
x-amzn-trace-id: Root=1-66504827-40318c450be9744f10729392;Parent=00508384eb81d33b;Sampled=0;lineage=adebd93c:0
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
x-amz-apigw-id: YRA2SF1ZPHcEhFQ=
content-length: 2175
x-amz-cf-id: uyan87nydvSaWalhqw11en7nd3Tha0BBiI_d0xl-IkEs1QQ3hnsrIQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 135ms
135ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A22%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:23 GMT

GET 074261bb-bdc2-4abd-b986-6fdee84ae2d8
https://www.zscaler.com/ 0
0

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
147 B 127ms
127ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Fri, 24 May 2024 07:56:23 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
16 B 124ms
123ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Fri, 24 May 2024 07:56:23 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
194 B 230ms
229ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:23 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 085381236355423286C26F4092390FEF Ref B: FRAEDGE1218 Ref C: 2024-05-24T07:56:23Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.zscaler.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYZLoEBkoNFlu+i7KKQyw==

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 856ms
215ms Script
application/javascript 34.212.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1653881855.1716537382&shpt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221653881855.1716537382%22%2C%22shpt%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%2C%22dcm_cid%22%3A%221653881855.1716537382%22%2C%22mntnis%22%3A%2264G2CUm1ZJ7qzvHBnDM%2FcK2544cUrqfq%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A3%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1653881855.1716537382&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cb=80316830038521390term%3Dvalue&shoid=%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&shadditional=language%3Den%2Cgoogletagmanager%3Dtrue%2Cadroll%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 82d86b63cdecac35eda7d7e5144ee06876527acb368fc078197505f6e63df0b3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 129ms
129ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A23%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:24 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 6 KB
2 KB 946ms
250ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1653881855.1716537382&shpt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221653881855.1716537382%22%2C%22shpt%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%2C%22dcm_cid%22%3A%221653881855.1716537382%22%2C%22mntnis%22%3A%2264G2CUm1ZJ7qzvHBnDM%2FcK2544cUrqfq%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A3%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1653881855.1716537382&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&shoid=%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&shadditional=language%3Den%2Cgoogletagmanager%3Dtrue%2Cadroll%3Dtrue%2Cga4%3Dtrue&cb=1716537383760114&shguid=c37b7f56-301b-3f0e-9745-317dfd3860a6&shgts=1716537384616
Requested by: Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1653881855.1716537382&shpt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221653881855.1716537382%22%2C%22shpt%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%2C%22dcm_cid%22%3A%221653881855.1716537382%22%2C%22mntnis%22%3A%2264G2CUm1ZJ7qzvHBnDM%2FcK2544cUrqfq%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A3%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1653881855.1716537382&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221716537381%22%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&cb=80316830038521390term%3Dvalue&shoid=%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&shadditional=language%3Den%2Cgoogletagmanager%3Dtrue%2Cadroll%3Dtrue%2Cga4%3Dtrue
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 98c8aec34d079934112e81eb7310fc48c4761124f50337e365b0351094ad449e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:25 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 38
connection: close

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 321ms
318ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:25 GMT

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
39 B 138ms
137ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Fri, 24 May 2024 07:56:25 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 134ms
133ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:26 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 302 KB
92 KB 274ms
187ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee832cf3968ff64c5c8dfb0bd8fba5e2583d727b28c89f71b3664351dce1389

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPoCwnUhRiSrWqLdxN-Y-KFft3GuJLyIlqftqvFXU-4PXIR23eHRvJEgcMtLTQKOX_MbbDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Mon, 20 May 2024 08:50:31 GMT
server: cloudflare
etag: W/"4fb2d5fc8e45743cec5f037e396ebafb"
vary: Accept-Encoding
x-goog-hash: crc32c=/vk9nQ==, md5=T7LV/I5FdDzsXwN+OW66+w==
x-goog-generation: 1716195031157350
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 309243
access-control-expose-headers: *
cf-ray: 888bbaa90e731c07-FRA
expires: Sat, 24 May 2025 07:56:26 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/zscaler.com/ 163 B
707 B 372ms
176ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/zscaler.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20594a73ecbdcb15e351a97aaed3f415fd3872c916d10a452bcb23b6329a06f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 07:56:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPowx8Bm0nNV_5nVeXtm9lo5N0eNJlBEEZV479lDRDtPOWWgFEJBgW8r-eiQKoB8S6349Ht3DRIGDQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 20 Feb 2024 16:21:37 GMT
server: cloudflare
etag: W/"1abca27397efc7e08a17533c485a8b59"
vary: Accept-Encoding
x-goog-hash: crc32c=cr7nwQ==, md5=Gryic5fvx+CKF1M8SFqLWQ==
x-goog-generation: 1708446097855326
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 888bbab3abcf3a52-FRA
expires: Sat, 24 May 2025 07:56:28 GMT

POST mon
obs.iseaskies.com/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je45m0v883639532z871607006za200zb71607006&_p=1716537381293&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1653881855.1716537382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=8&sid=1716537381&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&dt=New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20210115&ep.blog_child_category=Security%20Insights&ep.author_name=Kaivalya%20Khursale&ep.nid=41966&epn.hit_timestamp=1716537381916&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_ready&epn.event_label=1944&_et=6&tfd=8691
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 133ms
133ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=c84c6578-f8b8-4f82-8238-ac569d58434f&session=0cffce18-37d3-4c93-83a1-554fd510b428&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2024%20May%202024%2007%3A56%3A26%20GMT%22%2C%22timeSpent%22%3A%221829%22%2C%22totalTimeSpent%22%3A%225833%22%7D&isIframe=false&m=%7B%22description%22%3A%22Zscaler%20ThreatLabz%20researchers%20recently%20came%20across%20multiple%20phishing%20campaigns%20using%20novel%20obfuscation%20and%20evasion%20techniques.%20Check%20the%20details.%22%2C%22keywords%22%3A%22Phishing%2C%20Obfuscation%22%2C%22title%22%3A%22New%20Phishing%20Trends%20and%20Evasion%20Techniques%20%7C%20Zscaler%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&pageViewId=deea9391-473d-477b-819c-6add69ac3405&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.zscaler.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 07:56:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 24 May 2024 07:56:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/tags.js

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/attribution_trigger?pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques

Domain: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&upid=27hmsyx&upv=1.1.0

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/295014050

Domain: www.zscaler.com
URL: blob:https://www.zscaler.com/074261bb-bdc2-4abd-b986-6fdee84ae2d8

Domain: obs.iseaskies.com
URL: https://obs.iseaskies.com/mon

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zscaler.voicestorm.com/	1969-12-31 23:59:59	Name: articleShareClick Value: %7B%22articleId%22%3A%22edbdb713-d9b8-4aa6-9987-c4c1d8a0dc6a%22%2C%22userChannelId%22%3A%2211264%22%7D
zscaler.voicestorm.com/	1970-01-21 05:34:33	Name: g Value: cea9920f-0228-47e9-8422-02b6542f6676
zscaler.voicestorm.com/	1970-01-21 05:34:33	Name: c Value: 79338
.info.zscaler.com/	1970-01-20 20:48:59	Name: __cf_bm Value: UQhWRbbjlqQWm3.bkuVVx4En.EsK4fad9nuRMP1SSk0-1716537381-1.0.1.1-YAykAm6tMb3Fgx9n_YPDrhhxyrgHZ1Xs8xXfheVTStm5KY5tTdWHmhsC0NesFR1PI78khD64V7AvHHXF5yaVUg
.zscaler.com/	1970-01-20 22:58:33	Name: _gcl_au Value: 1.1.713005968.1716537382
.zscaler.com/	1970-01-21 06:24:57	Name: _ga Value: GA1.1.1653881855.1716537382
.zscaler.com/	1970-01-21 06:24:57	Name: _ga_10SPJ4YJL9 Value: GS1.1.1716537381.1.0.1716537381.60.0.0
.techtarget.com/	1970-01-20 20:48:59	Name: __cf_bm Value: gHvsi1Pfdh0SaxJxkWqCJaVJVO1iV2PvQcZNFQf4d2U-1716537381-1.0.1.1-9XsiHQGrZ5.5sfMOtNje60_thq6cttAyKqBwP4QNmi7LUmbxf8pOLeFsCUs.KkoZtYb_M1iEAdZisJhOr7IBfg
.zscaler.com/	1970-01-20 20:50:23	Name: _uetsid Value: 1c76845019a311ef8836b5332bec1247
.zscaler.com/	1970-01-21 06:10:33	Name: _uetvid Value: 1c766e3019a311efba944d906184b52a
.zscaler.com/	1969-12-31 23:59:59	Name: _fcdscst Value: MTcxNjUzNzM4MTk3MA==
www.zscaler.com/	1970-01-21 05:34:33	Name: __pdst Value: 50bfd3bdbe1f409eaf18411ee1c514e4
.doubleclick.net/	1970-01-20 21:32:09	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 20:48:58	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 01:08:09	Name: receive-cookie-deprecation Value: 1
.zscaler.com/	1970-01-20 23:00:21	Name: _cq_duid Value: 1.1716537382.OkeYub1eRMPyhyeL
.zscaler.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1716537382.7PqtWxnB7zOLFGuU
info.zscaler.com/	1969-12-31 23:59:59	Name: BIGipServerabmweb-nginx-app_https Value: !TYrQPszt0fMxyD+wZJ6CmE6tjLF6/3BCfyggoS3dAPMKuD4Z+Yq6iK+3rseYAQW4WyBiayuFLAYJ4A==
.linkedin.com/	1970-01-20 22:58:33	Name: li_sugr Value: 7d1eed6f-59a3-4fe5-9545-906e21a7975d
.linkedin.com/	1970-01-20 20:50:23	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3073:u=1:x=1:i=1716537382:t=1716623782:v=2:sig=AQEeA6hxy9qIxzVoN7J9vM_IrRjqCRIi"
.zscaler.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.zscaler.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.adnxs.com/	1970-01-21 06:24:57	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-20 21:32:09	Name: UserMatchHistory Value: AQKvQaUNQmDrDQAAAY-pmdVjWJ6SAa0nvmqTO7QbDtjQE29TntuPjKdJGV5OKzk-DHTOWgxKA8RKvw
.linkedin.com/	1970-01-20 21:32:09	Name: AnalyticsSyncHistory Value: AQJu33zys69y9AAAAY-pmdVj6sC2d1iOBkItZ3fkgj8_afmM2-MsiI11I8wO_E6dj93W4JDKVeSDIHXoBuw2oQ
.linkedin.com/	1970-01-21 05:34:33	Name: bcookie Value: "v=2&14e78e10-4fd0-4171-8fb8-b80921b73835"
www.zscaler.com/	1970-01-20 20:59:02	Name: _an_uid Value: 0
www.zscaler.com/	1970-01-21 06:24:57	Name: _gd_visitor Value: c84c6578-f8b8-4f82-8238-ac569d58434f
www.zscaler.com/	1970-01-20 20:49:11	Name: _gd_session Value: 0cffce18-37d3-4c93-83a1-554fd510b428
.zscaler.com/	1970-01-20 22:58:33	Name: _fbp Value: fb.1.1716537382376.1387666438
.zscaler.com/	1970-01-20 20:50:23	Name: _ce.clock_event Value: 1
.www.linkedin.com/	1970-01-21 05:34:33	Name: bscookie Value: "v=1&2024052407562232281507-5ff7-448f-8830-6372572ce423AQEj8vJotd5DU1EXTGomX2ADCME9uKDK"
.linkedin.com/	1970-01-21 01:08:09	Name: li_gc Value: MTswOzE3MTY1MzczODI7MjswMjGMf5F/dP9nquvHu1U6G9mNjSfqowIy3lqp2GMipzM8ag==
.www.zscaler.com/	1970-01-21 05:34:33	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+May+24+2024+09%3A56%3A22+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&consentId=cc153aaf-8b7b-4335-9f88-6472df9f6070&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques&groups=C0001%3A1%2CC0005%3A0%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0&hosts=H36%3A1%2CH120%3A1%2CH59%3A1%2CH88%3A1%2CH98%3A1%2CH141%3A1%2CH109%3A1%2CH45%3A1%2CH46%3A1%2CH100%3A1%2CH79%3A1%2CH132%3A1%2CH119%3A0%2CH12%3A0%2CH123%3A0%2CH153%3A0%2CH144%3A0%2CH82%3A0%2CH106%3A0%2CH140%3A0%2CH165%3A0%2CH168%3A0%2CH169%3A0%2CH145%3A0%2CH139%3A0%2CH130%3A0%2CH31%3A0%2CH116%3A0%2CH4%3A0%2CH102%3A0%2CH76%3A0%2CH103%3A0%2CH60%3A0%2CH96%3A0%2CH162%3A0%2CH167%3A0%2CH20%3A0%2CH175%3A0%2CH22%3A0%2CH97%3A0%2CH121%3A0%2CH108%3A0%2CH65%3A0%2CH83%3A0%2CH131%3A0%2CH110%3A0%2CH111%3A0%2CH112%3A0%2CH185%3A0%2CH114%3A0%2CH118%3A0%2CH101%3A0%2CH150%3A0%2CH151%3A0%2CH129%3A0%2CH152%3A0%2CH52%3A0%2CH154%3A0%2CH133%3A0%2CH155%3A0%2CH156%3A0%2CH8%3A0%2CH157%3A0%2CH158%3A0%2CH159%3A0%2CH104%3A0%2CH160%3A0%2CH161%3A0%2CH163%3A0%2CH164%3A0%2CH105%3A0%2CH14%3A0%2CH149%3A0%2CH146%3A0%2CH166%3A0%2CH40%3A0%2CH15%3A0%2CH17%3A0%2CH170%3A0%2CH171%3A0%2CH172%3A0%2CH173%3A0%2CH63%3A0%2CH124%3A0%2CH174%3A0%2CH176%3A0%2CH177%3A0%2CH178%3A0%2CH134%3A0%2CH135%3A0%2CH179%3A0%2CH147%3A0%2CH180%3A0%2CH136%3A0%2CH189%3A0%2CH181%3A0%2CH182%3A0%2CH183%3A0%2CH184%3A0%2CH113%3A0%2CH186%3A0%2CH115%3A0%2CH33%3A0%2CH34%3A0%2CH187%3A0%2CH188%3A0&genVendors=
obs.iseaskies.com/	1970-01-21 04:52:47	Name: cg_uuid Value: 69e917e445974049b2cf142dcea1a27c
.zscaler.com/	1970-01-20 20:50:23	Name: _ce.clock_data Value: 31%2C80.255.7.100%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CDE
.zscaler.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.zscaler.com/	1970-01-21 05:34:33	Name: _ce.s Value: v~ac456e04e7c7499bb48d3167eaf11066309d5e78~lcw~1716537382709~lva~1716537382245~vpv~0~v11.cs~366477~v11.s~1ce7c650-19a3-11ef-87ad-c3d508648bd5~lcw~1716537382710
.www.zscaler.com/	1970-01-21 05:34:33	Name: _zitok Value: 2776dfe26ff82256a1df1716537382
.zoominfo.com/	1970-01-20 20:48:59	Name: __cf_bm Value: 4PGFfvLIhVbhJY_tpl_wHbJIa2UKRAE1JctDdk.RfGw-1716537382-1.0.1.1-jJSLvanfXkv_3xDGEZtryImm05mNoy4jP0W_WH6VevCLAKvQXxLje2vU.cfuM5UB7OV0pyimJyP4eNgnw.HZUw
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: GN7LJ3QlLwd_mAtnwhnPzYDDYO7Wuzzo.lGks9wtE58-1716537382846-0.0.1.1-604800000
.zscaler.com/	1970-01-21 06:24:57	Name: _fcdscv Value: eyJDdXN0b21lcklkIjoiNzMxYzMxNmEtYzQ2ZS00YTk0LTgxYTktN2NmYzBlYTBkNTNlIiwiVmlzaXRvciI6eyJFbWFpbCI6bnVsbCwiRXh0ZXJuYWxWaXNpdG9ySWQiOiI2M2NmNWM1Yy1mMGU1LTQ2M2EtOTJjMS1kYWFjMTFjMjZmZTQifSwiVmlzaXRzIjpbXSwiQWN0aXZpdGllcyI6W10sIkRpYWdub3N0aWNNZXNzYWdlIjpudWxsfQ==
.mountain.com/	1970-01-21 05:34:33	Name: guid Value: 1d87fe6e-19a3-11ef-b830-ebf699c47da0
.px.mountain.com/	1970-01-21 05:34:33	Name: tt Value: "H4sIAAAAAAAAAKtW8guKNzYyNrKMN7IwtlCyMtBBEjG3NAaLICswNDc0MzU2N7YwNTUy11EqU7IyqgUAiFPBC0YAAAA="
.mountain.com/	1970-01-21 05:34:33	Name: rt Value: "MzIzMjk6MTcxNjUzNzM4NQ=="

66 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK(Line 769) Message: Refused to load the script 'https://tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/tags.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Message: Refused to connect to 'https://px.ads.linkedin.com/attribution_trigger?pid=33962&time=1716537381863&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fnew-phishing-trends-and-evasion-techniques' because it violates the following Content Security Policy directive: "connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com".
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://bat.bing.com/p/action/295014050.js(Line 30) Message: Refused to load the script 'https://www.clarity.ms/tag/uet/295014050' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://www.zscaler.com/abfd6b54-3480-4fb0-b5dd-db7bbc1cdc8e(Line 1) Message: Error
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://js.zi-scripts.com/zi-tag.js Message: Refused to load the script 'blob:https://www.zscaler.com/074261bb-bdc2-4abd-b986-6fdee84ae2d8' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: The resource https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fphishing-spam%2Fphishing-spam-2%25402x.jpg&w=3840&q=75 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/new-phishing-trends-and-evasion-techniques Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

117186981.intellimizeio.com
8541430.fls.doubleclick.net
acsbapp.com
ad.doubleclick.net
api.intellimize.co
assets-tracking.crazyegg.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.acsbapp.com
cdn.cookielaw.org
cdn.intellimize.co
cdn.pdst.fm
connect.facebook.net
d.adroll.com
d2i34c80a0ftze.cloudfront.net
dx.mountain.com
epsilon.6sense.com
geolocation.onetrust.com
gs.mountain.com
ibc-flow.techtarget.com
info.zscaler.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.zi-scripts.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh6.googleusercontent.com
log.intellimize.co
munchkin.marketo.net
ob.iseaskies.com
obs.iseaskies.com
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
script.crazyegg.com
secure.adnxs.com
snap.licdn.com
st.fullcircleinsights.com
stats.g.doubleclick.net
tag.clearbitscripts.com
tracking.crazyegg.com
trk.techtarget.com
us-central1-adaptive-growth.cloudfunctions.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.zscaler.com
zscaler.voicestorm.com
insight.adsrvr.org
obs.iseaskies.com
px.ads.linkedin.com
tag.clearbitscripts.com
www.clarity.ms
www.zscaler.com
104.16.117.43
104.17.70.206
104.18.37.212
104.85.22.235
13.107.42.14
13.35.58.27
142.250.184.230
142.250.186.102
142.250.74.195
151.101.194.132
161.129.72.21
18.239.50.128
18.239.67.100
18.66.122.72
2001:4860:4802:34::36
2001:4860:4802:36::36
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2090:c600:c:d449:2a40:93a1
2600:9000:2644:9000:6:9280:1080:93a1
2600:9000:275b:d000:9:14eb:6280:93a1
2606:4700:10::6816:1cc
2606:4700:4400::6812:2089
2606:4700:4400::6812:24c4
2606:4700::6812:1d4a
2606:4700::6813:9308
2606:4700::6813:b234
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:400c:c07::9a
2a02:26f0:3500:16::215:149b
2a02:26f0:480:23::1726:629c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe05:d9d0:22f3:56d4:e17a
3.212.39.155
34.111.208.231
34.212.4.35
34.238.149.65
34.254.105.143
35.244.142.80
35.80.246.154
37.252.172.123
44.235.191.156
54.195.89.156
54.229.175.130
76.223.9.105
95.101.111.170
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6
01e4b67bdfe8cd7832d8f19e193665f41abfb70265d695944e1eaed9b19100a2
02cf967312da416498f662d891dd432426488424f6334da0eb277059ecd2f59b
02ef3d4346add95520307127e5cbfbd7b9da8697720a7c9046d44188bd19d1b1
041f82ff646428788fe9781595e94b9511ae6fcb128c05a7997178dcbee37208
04c08227adea882f07401604a56d865ac62351436118bbc2102b3b7bd610b856
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
096f65cc12d8aa127c208834e2500d152d7973d3217e30c54d0c250ec63e69a7
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
1143416a787e837ca6b042f0cfdd90f6575d165accdb579a0c1d47da9bdbcc2d
1413726cd49bff9c3b3dda8e828a02f97d3deb869d3e9af5f2365bbc76691ea3
1566c9b856874c959dc25daf6d8ed3feb67b6ae555a541c11c51a3b176dce192
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
175c3dfbf0f0638d29f1688934355fd6869729d088edd8b2915325eab2bacb09
191b1c26124fefdc8d60b595a42ff2170bd142d4873177c52ece80b2bdc8bb0c
1e7e36f3f88692d69244aa905916aabc0e00bcc987bbc4cef85324e8c3733266
1ee832cf3968ff64c5c8dfb0bd8fba5e2583d727b28c89f71b3664351dce1389
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
240fa43d73422ca94978e64289e61b6765eb22477bc9da42a47c889372cf7aee
242c367526c45b386dd4abba948c86884f552d35f7042efaea529bd7319359e3
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
258ac87e304908a79116737170a587d0ea6cb91c9fa2e10389e0c52b3a30f2b0
261f60a9345708c110143747569ffe8ed8d20f85425ab14a3d48d40eccab0d48
26ccef7de6e2531d69dc022399a438b3fdc284eb9354118801c80bc33dc79601
275154b0a4aeea0253e28402a34f5572b58fd5d34a0cb04b9ec335409ec9bb7f
27a89f92d0aed244a6e981ef7b25f83ad0268aee8519d70734f6ba0fd63d1a68
2b0cd39d290a1403b6303c049dceebac871d07a5f776b53f4e425ec2235d16a8
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fd3939ef9fd148fc96240151cd770833fa013747788551540c6b2a363c0bf3a
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32ea65199f687a54440c559061cc9d7a89f6346d1516fd1d2dae11be1f631964
392136d90fb22aac0dce2b1a42dc0e6a2ca52814e33731421df26b195a624be0
3b7b03c85d0a5234d602e1fcf7d33a9aae23bfbf4cd76e7fedf5cdf58a3e8ad8
413d0b57de62b151d631e5c63ca0b52a447578209f5bd960ce99471228f34a04
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
4b5a6114687b10c9f391b3f07506359b39001dbdde631c4f9b1b9c3465df5bc4
4b688b2cc33b5ce9eb7124542bdf53096e2dd9843feb317f2a626981d3d4d2a3
4c1ea9ccbc2c3935ebd327248ee6dfeaf946db9f4c86038d890b079cabb2a2d9
4fb7c0200d46215e03c99a819b336c1426163575e3c55b6d5e9ba4449edede06
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
54034a97c2cd2fd617136446cef1993cfef5937fe2896ee7e4bd569cd18c94e5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a9efd70b3669b60a085563e68956eda3f97e6aaf220ca03b348c10569f09c95
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
62cefdc627329af90143b8639e5c2d06d09fda072e28fa34de34c4576f3fe638
6487817342cc7311d0f8603168a7edba803aa7de8813673eb155e8ea8b77b32c
67bada63c3654c7168cedb6be0924d793dc683e81ae6740e3e14f3b181b94ff3
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6a3a2d181d576ea192521f28442da75d63c67a83c23e95c2f989711cd08473c8
6b94d5b7578ae77bb91e2cd497560d71044dd8afb38d94935c3eea28b8efbc2b
744deafbbd06622b914865ace9fcb22228d456c004e39127c22cb29de2f1b46c
7541cef41eec7c766ddd2f3b8970a7fd45ee6ba25e34605cec497f781d38dc25
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7b2a1e7ec66641ad958a36774552cc40712f052e2db6542cacc01fd2dbcde58c
7cfc7e7ef1b5a3b8ca8dc185554f0a13e93b88e1ea66e131cb8d8a922039aca7
7d7420dc00f6c2095845ed3099c8c38269d37ed054a8570135082f433b717ad7
7dc479230d1f930e663a76b0f7bca0ddfa9c553134b741283d2b9cf82323b9ff
7f891b3805153ab80f237d2e3411717f908a7c0138652da4b337e370130e4630
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82597ca5e9f0b28679550d3daf2838062560cb46eae1c623b8ed40704ae82dc2
82d86b63cdecac35eda7d7e5144ee06876527acb368fc078197505f6e63df0b3
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
841c81000f832a0b4efad511c4c2f87fba465a4d3900b43c987a6170e05c1e27
841d15e5ea21c93e4a1978363cb801485e15cf766a3fca75cdab03fa9360ad38
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
89d648c6aa4a3bbf08b974e37aef5d320c80e336ba365417c6285a2f2711b140
89fde8fd7b0ad034128435bc21892e617683afdfb5cd4fef39c0bd6ff7d53723
90de36eacfbcb58a2d6512b18d335414e0c72b137b6e4529c30d42588ce2d12a
91f9615a3d426c70c3ce49503f70a8d8816ab5891193e0905402a67c4a80def9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c8aec34d079934112e81eb7310fc48c4761124f50337e365b0351094ad449e
9c57baa805280b30224dfa39c6ec2de8d4c9b82ee127eaa905c43637e96b5094
9dd93b89faa1f4642b0a4a84a36bccf5174c8af4a024d9291ed1e0300db58bcd
9e132bc877dade68a5609e803549d6cead1c132d310dcc037de34d87fe00c5cc
9f51ff024361e3d2d11964a55b9b1b54e89e911b4d60199aa0b55b8b5a214dcc
9f9d3b48b612b238a692d0b79f0b5a28e0ec4710c36660399493535a653b7133
a0499ef0693c480a72711031ca58bbfb6971d1a047036f1eccb3add0e4ea0f2d
a412fa7f724c9353acc45eafc76d54f4948285d5799a3f2261d44a3e0fbbfea2
a637a287f67daeb4990d6c1772e67a88ffeb7d1a430424fd1c42701f3f21d689
a69de5e17bedb8dccd816b87f8602e97ea48c3160a70a183a2ca0804dedbc619
aa2b8282a1438a0e53971aa29a5c54f2911a3cb79b44cc20f8521ead150c458f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae9ce01eeaeb30d4044b4b309035579a53b0e534e28cbb8828f5b4f648514c10
b0febf92dfc888d121bf518cfcc2191bebc6707d7e4ee4f650ca525d3eab4aa2
b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395
b7eff4b4361c8058fbe407d9e1e0e14f425df85f01cd295f6e1ac1271a3ff6bc
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
beac035e4d7e7ca8063a81be0994cfc994d5f1c7539091659834203e076476ac
c18ad96ea860ca62e73dd9b1161fafd6cd07d4f1ae5a7a035d67a31197df4f36
c20b49a8396902e4cc1c2c0ab04ff6dcced384b44f456aa9a33532120246c9e9
c303b32cd7508a3545bf013c7bc90ac50a3dd80ca78d54a76285dedb2e5e9f9f
c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4
c52c74d5f72fba35bbb92461ac20ea6d80b9e826d28369d5fa6010d9838508ee
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccd347e0f413f8c1e5ad0bbfd846250914515ed5dced53829e2b2aae2b8e5c58
ce4e274c5793e7cd62cb67e2630278ef4a470b4baa35cb3b42e145717faed336
d052d754144719babc265dfb8b97e09ba7ce7c44047713b5f593018464d909d8
d0ec04051c6114cc5c079a12d21ce695b45c0a1b0cb2d83886c26ee6cf1d187f
d2ad71c4da529296d03cc2007a11a3d22ed57fe19276d923e5afda6e4e1ab8f7
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98
d5792801335f11b32a948d51b64bb655b16f8767f5837f2be4c406715994752f
d87e9f3437f7fa81e1b66b4cb93c29f484582d836a80e52615b3a2e03b8434cc
d8841d03ea3af875853225b0dcb36d0e7d20ba2388d73356770440ae95bf1e1b
d9eb211babae7bd099323d54132686bfd5f948edd5ec4931744529e9bff9ec37
dc1a746e4540f4be2f9172e2403669d454784c6ff4e5394e5c89f6d24f22af83
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4fa8fbc65336777e518d4b1a6ba4ad435fb1903242d247975eaf9e59246b50
e20594a73ecbdcb15e351a97aaed3f415fd3872c916d10a452bcb23b6329a06f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b5ab186fd46f0eb587eb763d776d9cbe936476f6f71c6a8247079fdf27c530
e6a1e90281fb5f6bd8c4df8697f16fdd66b968afe67e22f20130b2a212910ddb
e8dd816994e637150c564f7a3c2bac4c5868de946276ec73225303fffe27a498
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea0aa1e59e8c76d8753706839a434266b3c3af2bdb9ba28772731e9ac22d8ad8
eb0fd08062321d3ad12b2b73d4827be993967a8a7330447edb7aec9cd90f8b70
eb6a432365c488df976093b9442efa7e5e8d7b8bbe2b1c7e9673840320016748
ebbd76bc08f4d823aabfe6e4582a5a25b4de3d42779c290ad5fa349ec20d47a6
edb554b36dfa8100119f936afd57f0e9674771a8ff4b2a0e714d836b57c658ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd
f23f53e414e418ba0b70cf9106982d493e4d3554fc1929533737d4f595f89f7e
f3b5a11609af751b9fd41503d4edad831c3bc9209282141310c9bc01b6eff2a9
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f6f4da05e82bc129a6ace5f9fe943f0b44bc1d1ec5a074ecedb59f8e57d0191b
f9562e4c4664827ed559d5ef9dfe0e487da03c6b5b41e820e97ad6468459c9ac
fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c
fce3dd79f6439614bd0067fdb4747883bb1a414133f1d33cc75c3f43afdeb4f9
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.zscaler.com Open in urlscan Pro 2606:4700::6812:1d4a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

93 %HTTPS

45 %IPv6

35 Domains

58 Subdomains

49 IPs

6 Countries

3199 kBTransfer

7687 kBSize

45 Cookies

24 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zscaler.com Open in urlscan Pro
2606:4700::6812:1d4a Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

93 %
HTTPS

45 %
IPv6

35
Domains

58
Subdomains

49
IPs

6
Countries

3199 kB
Transfer

7687 kB
Size

45
Cookies

179 HTTP transactions
0 data transactions