urlscan.io logo urlscan.io
SecurityTrails logo

www.zscaler.com Open in urlscan Pro
2606:4700::6812:1c4a  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Submission: On February 29 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 4 countries across 34 domains to perform 169 HTTP transactions. The main IP is 2606:4700::6812:1c4a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.zscaler.com. The Cisco Umbrella rank of the primary domain is 71667.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 7th 2023. Valid for: a year.
This is the only time www.zscaler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a05:d014:58f... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
12 23.213.161.219 20940 (AKAMAI-ASN1)
1 4 2600:9000:20c... 16509 (AMAZON-02)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
1 152.195.15.58 15133 (EDGECAST)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 172.64.150.44 13335 (CLOUDFLAR...)
1 34.238.149.65 14618 (AMAZON-AES)
1 2600:9000:237... 16509 (AMAZON-02)
1 35.244.142.80 15169 (GOOGLE)
1 108.138.15.119 16509 (AMAZON-02)
1 34.199.184.178 14618 (AMAZON-AES)
2 23.210.118.178 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.111.208.231 396982 (GOOGLE-CL...)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 13.35.58.27 16509 (AMAZON-02)
1 18.66.122.45 16509 (AMAZON-02)
1 192.28.144.124 15224 (OMNITURE)
4 108.138.36.91 16509 (AMAZON-02)
1 34.248.100.15 16509 (AMAZON-02)
1 185.89.210.46 29990 (ASN-APPNEX)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 18.192.208.225 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.210.219.79 16509 (AMAZON-02)
1 34.212.4.35 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
169 47
56    2606:4700::6812:1c4a (United States)

ASN13335 (CLOUDFLARENET, US)
www.zscaler.com
9    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a05:d014:58f:6200::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
netlify-rum.netlify.app
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
5    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    23.213.161.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-219.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
4    2600:9000:20c3:4a00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    152.195.15.58 (United States)

ASN15133 (EDGECAST, US)
cdn.bizible.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:4400::ac40:973c (United States)

ASN13335 (CLOUDFLARENET, US)
trk.techtarget.com
3    172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js.zi-scripts.com
1    34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com
dx.mountain.com
1    2600:9000:237d:7800:9:14eb:6280:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2i34c80a0ftze.cloudfront.net
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    34.199.184.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-184-178.compute-1.amazonaws.com
t.sf14g.com
2    23.210.118.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-118-178.deploy.static.akamaitechnologies.com
munchkin.marketo.net
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com
ibc-flow.techtarget.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
1    2a05:d018:cc3:fe05:9001:9e85:f878:f35e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
4    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.35.58.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-27.fra60.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net
assets-tracking.crazyegg.com
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
306-zej-256.mktoresp.com
4    108.138.36.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-91.muc50.r.cloudfront.net
st.fullcircleinsights.com
1    34.248.100.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-100-15.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    2a02:26f0:480:23::1726:62a7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
2    18.192.208.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-208-225.eu-central-1.compute.amazonaws.com
epsilon.6sense.com
4    2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
1    2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)
ws-assets.zoominfo.com
2    34.210.219.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-219-79.us-west-2.compute.amazonaws.com
px.mountain.com
1    34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
gs.mountain.com
1    2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)
acsbapp.com
1    2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.acsbapp.com
Apex Domain
Subdomains		 Transfer
56 zscaler.com
www.zscaler.com — Cisco Umbrella Rank: 71667
1 MB
14 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5326
c.6sc.co — Cisco Umbrella Rank: 8195
ipv6.6sc.co — Cisco Umbrella Rank: 5498
b.6sc.co — Cisco Umbrella Rank: 3594
26 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2343
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5331
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5301
tracking.crazyegg.com — Cisco Umbrella Rank: 4117
106 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 330
154 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 350
www.linkedin.com — Cisco Umbrella Rank: 615
px4.ads.linkedin.com — Cisco Umbrella Rank: 6418
3 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2663
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4417
ws-assets.zoominfo.com — Cisco Umbrella Rank: 14472
29 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6553
885 B
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
5 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 368
30 KB
5 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3310
d.adroll.com — Cisco Umbrella Rank: 1470
28 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
476 KB
4 fullcircleinsights.com
st.fullcircleinsights.com — Cisco Umbrella Rank: 95814
4 KB
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 5328
px.mountain.com — Cisco Umbrella Rank: 5528
gs.mountain.com — Cisco Umbrella Rank: 11668
11 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 8055
3 KB
3 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 23841
ibc-flow.techtarget.com — Cisco Umbrella Rank: 21782
2 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3946
cdn.acsbapp.com — Cisco Umbrella Rank: 4131
92 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 9224
707 B
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3154
123 B
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3542
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
71 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 805
17 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 502
698 B
1 mktoresp.com
306-zej-256.mktoresp.com — Cisco Umbrella Rank: 770809
318 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 sf14g.com
t.sf14g.com — Cisco Umbrella Rank: 161170
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1490
insight.adsrvr.org Failed
3 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 3097
6 KB
1 cloudfront.net
d2i34c80a0ftze.cloudfront.net
11 KB
1 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 6579
25 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 554
306 B
1 netlify.app
netlify-rum.netlify.app — Cisco Umbrella Rank: 19702
4 KB
0 clearbitscripts.com Failed
tag.clearbitscripts.com Failed
169 34
Domain Requested by
56 www.zscaler.com www.zscaler.com
9 cdn.cookielaw.org www.zscaler.com
cdn.cookielaw.org
8 b.6sc.co
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 www.google.de
5 bat.bing.com www.googletagmanager.com
bat.bing.com
cdn.bizible.com
5 www.googletagmanager.com www.zscaler.com
www.googletagmanager.com
4 ws.zoominfo.com js.zi-scripts.com
ws-assets.zoominfo.com
4 st.fullcircleinsights.com cdn.bizible.com
4 www.google.com
4 px.ads.linkedin.com 3 redirects cdn.bizible.com
4 s.adroll.com 1 redirects www.googletagmanager.com
s.adroll.com
3 googleads.g.doubleclick.net www.googletagmanager.com
3 js.zi-scripts.com www.zscaler.com
js.zi-scripts.com
2 px.mountain.com dx.mountain.com
www.zscaler.com
2 epsilon.6sense.com cdn.bizible.com
2 ipv6.6sc.co cdn.bizible.com
2 c.6sc.co cdn.bizible.com
2 us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm
2 ibc-flow.techtarget.com trk.techtarget.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 munchkin.marketo.net www.zscaler.com
munchkin.marketo.net
2 connect.facebook.net www.zscaler.com
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 j.6sc.co www.googletagmanager.com
j.6sc.co
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 cdn.acsbapp.com acsbapp.com
1 acsbapp.com www.zscaler.com
1 gs.mountain.com www.zscaler.com
1 ws-assets.zoominfo.com js.zi-scripts.com
1 secure.adnxs.com cdn.bizible.com
1 tracking.crazyegg.com cdn.bizible.com
1 306-zej-256.mktoresp.com munchkin.marketo.net
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 www.facebook.com
1 d.adroll.com s.adroll.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 t.sf14g.com www.zscaler.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.pdst.fm www.zscaler.com
1 d2i34c80a0ftze.cloudfront.net www.googletagmanager.com
1 dx.mountain.com www.zscaler.com
1 trk.techtarget.com www.zscaler.com
1 cdn.bizible.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 netlify-rum.netlify.app www.zscaler.com
0 insight.adsrvr.org Failed js.adsrvr.org
0 tag.clearbitscripts.com Failed www.googletagmanager.com
169 51
Subject Issuer Validity Valid
www.zscaler.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-07 -
2024-03-09		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
6sc.co
R3		 2024-01-29 -
2024-04-28		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
script.crazyegg.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
io.bizible.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-01 -
2024-07-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-08 -
2024-03-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-25 -
2024-06-24		 a year crt.sh
zi-scripts.com
GTS CA 1P5		 2024-01-30 -
2024-04-29		 3 months crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2023-06-12 -
2024-06-23		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn.pdst.fm
GTS CA 1D4		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
t.sf14g.com
Amazon RSA 2048 M01		 2023-07-10 -
2024-08-07		 a year crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-12-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
ibc-flow.techtarget.com
GTS CA 1D4		 2024-01-13 -
2024-04-12		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh
*.mktoresp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-07 -
2024-10-07		 a year crt.sh
aws-st.fullcircleinsights.com
Amazon RSA 2048 M01		 2023-05-30 -
2024-06-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.6sense.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
zoominfo.com
E1		 2024-02-20 -
2024-05-20		 3 months crt.sh
acsbapp.com
GTS CA 1P5		 2024-02-23 -
2024-05-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Frame ID: 384EE3E46673839770F9401457C0FBCE
Requests: 160 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&upid=27hmsyx&upv=1.1.0
Frame ID: 32EF5A20B35AD25BFEB664B1AF97885E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WINELOADER Analysis | ThreatLabz

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

169
Requests

95 %
HTTPS

59 %
IPv6

34
Domains

51
Subdomains

47
IPs

4
Countries

2472 kB
Transfer

6492 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 105
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1709172879153%26li_adsId%3D8ee5ed91-d36f-4b15-87dd-2f71079bb8c8%26url%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblogs%252Fsecurity-research%252Feuropean-diplomats-targeted-spikedwine-wineloader%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cookiesTest=true&liSync=true&e_ipv6=AQJDwIzpbBkDDAAAAY3ypHJU1dXcHf2VKHTsSmtbdweAy5ErxdMuF3_OaKCpZe2vYr3R5Go

169 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request european-diplomats-targeted-spikedwine-wineloader
www.zscaler.com/blogs/security-research/ 		452 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
162771f9c367624c90b235b5ee4786acce13f51b10491b69571979396c94b656
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
502
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=stale
cf-cache-status
DYNAMIC
cf-ray
85cd65090d5f65ae-FRA
content-encoding
br
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 02:14:35 GMT
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN https://cms.zscaler.com
x-middleware-next
1
x-nextjs-cache
REVALIDATED
x-nf-render-mode
odb ttl=300
x-nf-request-id
01HQSA8RDP1NHES4PAKV56F8G3
x-powered-by
Next.js
x-xss-protection
1; mode=block
OtAutoBlock.js
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/ 		59 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/OtAutoBlock.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e45934e263c7a4e155b0b92f540b048288c1f866ba40a69f98fb97da43c0912a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
51121
content-md5
FR5Ql533XbycONLZJdDDqg==
content-length
8417
x-ms-lease-status
unlocked
last-modified
Sat, 17 Feb 2024 09:22:06 GMT
server
cloudflare
etag
0x8DC2F99E8E4648B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5dd1cb16-401e-004c-4b82-61a9b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd650ade52360b-FRA
expires
Fri, 01 Mar 2024 02:14:35 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OKrCs7nhvutcs03VCUskmw==
age
77159
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 03:06:26 GMT
server
cloudflare
etag
0x8DC37411679B650
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3633ee45-101e-00a5-122a-696ff9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd650ade51360b-FRA
image
www.zscaler.com/_next/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Findia-europe-blog-tile-img-700x467-Opt1.jpg&w=3840&q=75
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d3902f1f14b183805345377b81268ea40eae93eaa9cfe5eab2b5bef5533c59
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN cms.zscaler.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNJ3JSD7VG0FGG68S5H
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
1
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"123e6-F1tFKjK2amjYxrES4QpXR9vTRuo"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN cms.zscaler.com
content-type
image/webp
cache-control
public,max-age=0,must-revalidate
x-middleware-next
1
cf-ray
85cd650a9e0565ae-FRA
219e54771de95554-s.p.woff2
www.zscaler.com/_next/static/media/ 		37 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/media/219e54771de95554-s.p.woff2
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fde8fd7b0ad034128435bc21892e617683afdfb5cd4fef39c0bd6ff7d53723
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Origin
https://www.zscaler.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNH6RK4GVAJWVNKAC9J
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13797
content-length
37876
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"b57d6e4572bfb397a8b8718aebdf8f37-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
font/woff2
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
cf-ray
85cd650a9e0165ae-FRA
86085b213eb89904-s.p.woff2
www.zscaler.com/_next/static/media/ 		39 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/media/86085b213eb89904-s.p.woff2
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258ac87e304908a79116737170a587d0ea6cb91c9fa2e10389e0c52b3a30f2b0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Origin
https://www.zscaler.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RN8FT4HY9594V0BSC7V
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13878
content-length
40264
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"f6afe26cc9418c08c74df7ea74335498-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
font/woff2
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
cf-ray
85cd650a9e0265ae-FRA
9cdafb0650413334-s.p.woff2
www.zscaler.com/_next/static/media/ 		39 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/media/9cdafb0650413334-s.p.woff2
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beac035e4d7e7ca8063a81be0994cfc994d5f1c7539091659834203e076476ac
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Origin
https://www.zscaler.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNJTXDS9BGYN7WT027V
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13591
content-length
40336
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"79b3fe7c61798ac2ddda9273905219dd-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
font/woff2
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
cf-ray
85cd650a9e0365ae-FRA
b8d03097b65b2b5d.css
www.zscaler.com/_next/static/css/ 		53 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/b8d03097b65b2b5d.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6f036e4cac10754c2aa5efd616639a721423b7adaee3018c4157dee39c75d0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RM26BNJGCYZEGT79X1S
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13797
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"8b84678f74933763584b3617d06f9189-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5dde65ae-FRA
02751ebafd40155e.css
www.zscaler.com/_next/static/css/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/02751ebafd40155e.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e05217cb6c08c8ac8fccd62fe7541004252cb0fd5fe47716ea55bc7aa555f5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RM93KP2BGKA15Q7REKY
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14341
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"ef75d7a53cc746344d1f77b9626c415c-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5ddf65ae-FRA
60eb4664b635b404.css
www.zscaler.com/_next/static/css/ 		76 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/60eb4664b635b404.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8c8f5340dc34290a19d0068536f04e17fb8e3faaf46cb3335a10fd7a475d24
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RMEN683H3BX0P77MT4M
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14428
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"fb3cd16a13310e72ac102aaa68fcf533-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5de065ae-FRA
60ab7ffa9f7999ec.css
www.zscaler.com/_next/static/css/ 		849 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/60ab7ffa9f7999ec.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7420dc00f6c2095845ed3099c8c38269d37ed054a8570135082f433b717ad7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RM8SZQA04GA0FJZ8TD9
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
12155
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"11294429e8420fcd6dfa0c33b3542f20-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5de265ae-FRA
54b114f76a2643a4.css
www.zscaler.com/_next/static/css/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/54b114f76a2643a4.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a1e90281fb5f6bd8c4df8697f16fdd66b968afe67e22f20130b2a212910ddb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RMB6KAXCDBTNHDW68TD
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13580
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"c6bec7d7adbb8765853f74db672d53d8-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5de465ae-FRA
2b4ce64ceddde260.css
www.zscaler.com/_next/static/css/ 		5 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/2b4ce64ceddde260.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
413d0b57de62b151d631e5c63ca0b52a447578209f5bd960ce99471228f34a04
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RMEYZB1BV0XG6SNR5GG
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
12080
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"8a0b69e92aa1ced8294862be9630028d-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5de665ae-FRA
455227249223c84c.css
www.zscaler.com/_next/static/css/ 		7 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/455227249223c84c.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6487817342cc7311d0f8603168a7edba803aa7de8813673eb155e8ea8b77b32c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RM9C7P830GBKEEFCM12
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13312
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"0cf53be6ad2200ab67afe6a68e9a0d7f-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5de765ae-FRA
1eadfb2fb40aa5c9.css
www.zscaler.com/_next/static/css/ 		6 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/1eadfb2fb40aa5c9.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151427a4b23e94bcada8f3e09acb485a27c29636fb6cb80be635590729d54fda
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RMDQM0QTF806P6AY3PC
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
3
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
W/"fdb37d0bdd50d4337c1eb6e1f579a904-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5de865ae-FRA
d34fc117d4462dbb.css
www.zscaler.com/_next/static/css/ 		7 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/d34fc117d4462dbb.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02cf967312da416498f662d891dd432426488424f6334da0eb277059ecd2f59b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RMBVMQ0AV85SWP4CZF6
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
12155
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"299d79e754bae3d5c0a7a721da48074c-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5dea65ae-FRA
e1f7f7d5ee9208b2.css
www.zscaler.com/_next/static/css/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/e1f7f7d5ee9208b2.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0d5f53562170f7c12e461461664118c6c5e6f77a2dec0e5cfae560f6f32efe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RMBXGN0B51V1EJY4B4W
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13578
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"d63e29ab11cb7373e4ddfd28e2c11b16-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a5deb65ae-FRA
1664-a6f9ae05a5c53ad1.js
www.zscaler.com/_next/static/chunks/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/1664-a6f9ae05a5c53ad1.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca4d7bd727f9c0d0dc1d01c0b08b630632340659b4899c71344dd4d27faffa8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNKABVRMSRR7XH1EP6S
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
9642
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"a154f6ee7355b2191b6756e6c5b67c0c-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0665ae-FRA
330.ed216243e992d586.js
www.zscaler.com/_next/static/chunks/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/330.ed216243e992d586.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e80729e7e89eb99fe169fe468749fb8193834b18bbfdc3059feb48e12bebb92
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNHV7QDMZP0FGN9PNSS
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13578
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"d110f26cecd2edf52c862ecd45b260d9-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0765ae-FRA
921.483bab654229a6d9.js
www.zscaler.com/_next/static/chunks/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/921.483bab654229a6d9.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9048d354cf3df15668565450eea5de2a267cd95ec928a81bdc0269fb611baf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNJ4HMYM285EWDMXRH4
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
9793
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"38915fdaed6f818612ddee849f120b92-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0865ae-FRA
5192.b01af0b1566e0a65.js
www.zscaler.com/_next/static/chunks/ 		605 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/5192.b01af0b1566e0a65.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec09e6ea3a9912c8e7c4640d0907355978c3fc6383eccedfbab424efbd863ef2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNNXN094QT5GHJWT93Y
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13768
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"67a81b95967d00c129633507040b719d-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0965ae-FRA
712.6fe5bc3f8b527c0a.js
www.zscaler.com/_next/static/chunks/ 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/712.6fe5bc3f8b527c0a.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3078f501977e2185b646c2f5a7d017a8b562bdbd5b28df7640bd52cba8f377d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNKFGGW0A9R7SWHA97X
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
7782
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"125068e4bfdba04a024b0d48d86abd67-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0b65ae-FRA
5118.639f1c352a37d72d.js
www.zscaler.com/_next/static/chunks/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/5118.639f1c352a37d72d.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109d7aa9c6f32a78c877db04e17d6b78c89dd5c539dc01bae82840b2ebd43bca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RN8ZS4PJGPXQ1AA0W7V
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13959
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"356c24e7a74c21491b699a77e8a3f7b5-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0c65ae-FRA
7020.e487c0abfa389144.js
www.zscaler.com/_next/static/chunks/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/7020.e487c0abfa389144.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41635e062e487b56a91beaa760d53e414ddc1a334f0bb77936e9af413aa32077
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNV7AX4S10PWE0T7BX1
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14428
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"68867ae6586ef50b2b35a65952cf9148-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0d65ae-FRA
3588.01e89dde1cd8c6af.js
www.zscaler.com/_next/static/chunks/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/3588.01e89dde1cd8c6af.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92531e43dbc7ec7e14bb2702e6f04d805c3ee02de151d4bb04b45e72ff318283
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNHZV1E7442FHY1ZYM7
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
12079
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"697714063df7a67b115a25fe6c71b67d-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0e65ae-FRA
6786.c95c8988b23146e2.js
www.zscaler.com/_next/static/chunks/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/6786.c95c8988b23146e2.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3505d9c53423b2c2b85fa4fd199a6d5aa93246f0fd7d7e16ab3b63515842391e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNKAY9WHA7H5X9XGHT8
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
9792
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"d64711286a79841d376e930f40bfa1cb-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e0f65ae-FRA
5762.e93475ee59180d73.js
www.zscaler.com/_next/static/chunks/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/5762.e93475ee59180d73.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7b5b615587cd11b52f2a6edc1b8a2eb60aabacaf06b6a656a938e4cfaf68e8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNHG1PV21F6AF68G7T7
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14419
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"96b3f302571ff88715ceed5e2c194347-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1065ae-FRA
8578.1b534dcbdbdc372b.js
www.zscaler.com/_next/static/chunks/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/8578.1b534dcbdbdc372b.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abc2ce8b96eba7e9b08285bb05d18cfae8f6e89aae9abb586964e7e10c3c2d1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNMZ6YSGDR868KPDE3G
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14088
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"e6c58b3160a9cccdc9e452b37355ea8a-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1165ae-FRA
webpack-83aa55a4e1dfc48c.js
www.zscaler.com/_next/static/chunks/ 		10 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/webpack-83aa55a4e1dfc48c.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a55c459608c0f87ff70bfb1ae80991522791451e05f64f61e1ed1cde14187d32
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNNCCFS55KED07GQJ28
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14088
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"b2e4ecfd231b06d291efa1b4a87799be-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1265ae-FRA
framework-aec4381329cec0e4.js
www.zscaler.com/_next/static/chunks/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/framework-aec4381329cec0e4.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5faabfef8a098483b94198ce9e3eb18f4384e9d4bc9c1942bc6708d91afcc2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNRZ6G6AV8VFCMJ21VR
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14342
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"63a6d391c4db498a3071097ab701d085-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1365ae-FRA
main-7a34f091b679c40f.js
www.zscaler.com/_next/static/chunks/ 		99 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/main-7a34f091b679c40f.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e01c258e35b50211a4515b1c38c8724a643fdcc91609e484a2a4696680851e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNM7024115WSSR56GXM
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
11281
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"2ef62f9b6a790fed1f4a3d6931841636-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1465ae-FRA
_app-838ce8664828e83b.js
www.zscaler.com/_next/static/chunks/pages/ 		28 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/pages/_app-838ce8664828e83b.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0304ffa7c87378f9e91eea78f43f05abb2165d2377d35fb9bb0fcd53dfdb2472
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNQGC6QCD9VQZB4E130
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13767
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"3242dfab00d17884bcc764fadb20cd52-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1565ae-FRA
4612-88209be1d67a3d19.js
www.zscaler.com/_next/static/chunks/ 		218 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/4612-88209be1d67a3d19.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae094ea99d2b7bfecbdcb091c4d4c6c3bf470864951f7b42a11357ec7805d46
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNNPKZDGZ3KQQ571C79
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14341
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"ed133576a8e9e5bb6a615bd008e20ca3-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1665ae-FRA
5403-24b4d1e45a6ee2a6.js
www.zscaler.com/_next/static/chunks/ 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/5403-24b4d1e45a6ee2a6.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc25f2f1b34b8a8f05f370af8e86cd64f1869c5f7e27913469a752da5fc55235
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNN4R3ZT23N3CE8DDMX
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13797
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"aeeef92ac1610640c54ad37cd8dc93ab-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1765ae-FRA
8727-20c5b8f3aeb72a48.js
www.zscaler.com/_next/static/chunks/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/8727-20c5b8f3aeb72a48.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5506d7c716e804260e467cb9d630bed25eaaa21c6ad8fc0f7c57f70505700a53
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNQVP4RK24P1K3K27FK
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13579
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"1c855ca5a974de95ee1606c6abca01f9-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1865ae-FRA
6957-ba3a3f90ff78aa46.js
www.zscaler.com/_next/static/chunks/ 		133 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/6957-ba3a3f90ff78aa46.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70e82fbfc90d2818cc31f0e927691e6ab206d5f81e3ef579be3ad33bf6a3f4a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNHQBPR0H7942W6VXJK
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13916
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"8f8d1504e751d21613e1d1ac92775aa1-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1965ae-FRA
%5B...slug%5D-6ae9788da83864e5.js
www.zscaler.com/_next/static/chunks/pages/blogs/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/pages/blogs/%5B...slug%5D-6ae9788da83864e5.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4bdfcb700a1d9a605254ced84d72baac8bb485222734489c34a2e8bb5c6e848
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNMRCWQ82WEC7J188M5
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
1086
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"4f00769f0377b0ccb49806ea35d72694-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1b65ae-FRA
_buildManifest.js
www.zscaler.com/_next/static/n1hBeAbTf5tJAMoQl_1eB/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/n1hBeAbTf5tJAMoQl_1eB/_buildManifest.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32820040e057f042c37e36e658a3fd3504319bba0e82ae2617f6e4c4f489f8f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNNECDQXEEAP28TF3NP
date
Thu, 29 Feb 2024 02:14:36 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14088
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"186c89b97faa95e1b751e3c4756ce241-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1c65ae-FRA
_ssgManifest.js
www.zscaler.com/_next/static/n1hBeAbTf5tJAMoQl_1eB/ 		280 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/n1hBeAbTf5tJAMoQl_1eB/_ssgManifest.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b722810ad3b4c88ec06524fd76f5527ccf1a18fe74b711998fbdbca59900ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RNP56QNT94GSDM42RAP
date
Thu, 29 Feb 2024 02:14:35 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13514
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"de7b6f436563cce2d575b0a7dfd24787-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd650a9e1d65ae-FRA
email-decode.min.js
www.zscaler.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:35 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 17:10:29 GMT
server
cloudflare
content-encoding
gzip
etag
W/"65d8d185-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
85cd650a9e1e65ae-FRA
expires
Sat, 02 Mar 2024 02:14:35 GMT
netlify-rum.js
netlify-rum.netlify.app/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netlify-rum.netlify.app/netlify-rum.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
257ef1b7dd06f88a465e5badb58c57b62cf678d7618ecc2929aa3b428e848122
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8RQN8Y52HTMVE3QQ5PYJ
date
Thu, 29 Feb 2024 02:14:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
18973
cache-status
"Netlify Edge"; hit
etag
"920128a05f6ecf111e0920b419925cc1-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
4025
figure_1_5.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/figure_1_5.png
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbe0a02ce3100e00f27c08158c477693c0d031094e9866ebc94c8342e488fb3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
38248
cf-resized
internal=ok/d q=0 n=710+164 c=0+0 v=2024.1.3 l=38248
last-modified
Mon, 26 Feb 2024 23:39:40 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfe7G54U0cxLO5fNYMdR9hy-Pl1gWqs-rDoNB_ezzVDw"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive", cf-images 299 "image too large for AVIF"
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
85cd65183c7665ae-FRA
figure_2_6.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/figure_2_6.png
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92441ba350b4367e04e321b08f791f7dfb9ea229c3dd3ff0e91d89abe7e3f2f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
163848
cf-resized
internal=ok/d q=0 n=1315+196 c=0+0 v=2024.1.3 l=163848
last-modified
Mon, 26 Feb 2024 23:44:37 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfid2WSrhUQyhOToL5WYqSYV1G1gWqs-rDoNB_ezzVDw"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive", cf-images 299 "image too large for AVIF"
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
85cd65183c7765ae-FRA
figure_3_5.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/figure_3_5.png
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70f266b21272f120181280a40896019db9d0e7193f5852f9111a1fbb82f59b7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
118324
cf-resized
internal=ok/d q=0 n=43+154 c=0+0 v=2024.1.3 l=118324
last-modified
Tue, 27 Feb 2024 15:48:01 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfk5LMhoO4fHjTzRxLncKDp2kU1gWqs-rDoNB_ezzVDw"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive", cf-images 299 "image too large for AVIF"
content-type
image/webp
cache-control
max-age=300
accept-ranges
bytes
cf-ray
85cd65183c7a65ae-FRA
figure_4_5.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/figure_4_5.png
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dac41e5769205cdde828650006d0097810ab4f98718faca4eb7d08f1cdcf132
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
36773
cf-resized
internal=ok/d q=0 n=268+153 c=0+0 v=2024.1.3 l=36773
last-modified
Tue, 27 Feb 2024 15:49:27 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfwAadaPLKzWbOtqVUyaYV7X7w1gWqs-rDoNB_ezzVDw"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive"
content-type
image/avif
cache-control
max-age=300
accept-ranges
bytes
cf-ray
85cd65183c7b65ae-FRA
figure_5_5.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/figure_5_5.png
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3198ab953223ce749659ef7de50c0005053ce98706f7dca9684df17ecbcbb30c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
70213
cf-resized
internal=ok/d q=0 n=301+85 c=0+0 v=2024.1.3 l=70213
last-modified
Tue, 27 Feb 2024 15:52:05 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfftGahwu1NhkJrM08oOZgrEBp1gWqs-rDoNB_ezzVDw"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive"
content-type
image/avif
cache-control
max-age=300
accept-ranges
bytes
cf-ray
85cd65183c7d65ae-FRA
figure_6_4.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/figure_6_4.png
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab49bd3ceb497408c6dee3eb05420ef981d2e7570ac0318bb393c15727ef92d9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
43520
cf-resized
internal=ok/d q=0 n=50+83 c=0+0 v=2024.1.3 l=43520
last-modified
Tue, 27 Feb 2024 15:53:39 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfThw3gOO6-9AWrwzwaSQB6pMz1gWqs-rDoNB_ezzVDw"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive"
content-type
image/avif
cache-control
max-age=300
accept-ranges
bytes
cf-ray
85cd65183c7e65ae-FRA
3e894970-e3e9-4783-85e9-7c38eedbfbbf.json
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/3e894970-e3e9-4783-85e9-7c38eedbfbbf.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc627f4b1e5dacb3ee886d29ba63681f0d2b79f21bd300e2e2ed7da9ef0b0f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
40268
content-md5
YHImVuNT7eCao8TDtU7GFg==
content-length
1822
x-ms-lease-status
unlocked
last-modified
Sat, 17 Feb 2024 09:22:09 GMT
server
cloudflare
etag
0x8DC2F99EAE2CCF8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
10529c83-a01e-0009-0182-617c50000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd6518cce42c4f-FRA
expires
Fri, 01 Mar 2024 02:14:38 GMT
7763.388ef9f1e59537d2.js
www.zscaler.com/_next/static/chunks/ 		999 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/7763.388ef9f1e59537d2.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-83aa55a4e1dfc48c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6635c7a8c9340a594fe3030b37828f0bcc792414b520f48f3e8b566e78e8239e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TT595BX52RJK9N133ZW
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14386
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"7dab2f4503ab3378f47966fa9ca9e6ca-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd65185ca665ae-FRA
5551.be333bf1a8475626.js
www.zscaler.com/_next/static/chunks/ 		965 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/5551.be333bf1a8475626.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-83aa55a4e1dfc48c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e4c7ae4935ffccf99e5f7e878bd26041f9b26e242371fa2b9a0d25e828010a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TT551QCE39DP2YQ3D13
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13515
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"20589f87c5a75439fd6a0d6cdecd1cd5-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd65185ca765ae-FRA
6023.eb027d8b2eca9d08.js
www.zscaler.com/_next/static/chunks/ 		1007 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/6023.eb027d8b2eca9d08.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-83aa55a4e1dfc48c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decf18e6ed4b163a7a0ef6ddecbafcfb300be5f0cd98140960efc65adb115c59
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TT44JYEKDERGWY06W2Z
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
12104
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"15171768d34587252a5d8301edc706ef-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd65186ca865ae-FRA
790.172105aad548b0af.js
www.zscaler.com/_next/static/chunks/ 		1 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/790.172105aad548b0af.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-83aa55a4e1dfc48c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453d1d7e123dbb1eb52bd8bcea12a17ed52a2362bf5b6a7fa629ba720a0e6f41
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TT44FB2PPZM8PF5DX33
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14342
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"3085e22baa4baefc8becee2ed0dc21ed-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd65186ca965ae-FRA
6831.22fb05c3ff44b775.js
www.zscaler.com/_next/static/chunks/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/chunks/6831.22fb05c3ff44b775.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-83aa55a4e1dfc48c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb2df2831ea2234d9a6db640b566056945c3025380ddb99653c9546f6fca8e4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TTFFEBF2KH5MHV1EPB7
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14089
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"bf365ba0a378d5274af26526a8ccfcc4-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd65187cb165ae-FRA
image
www.zscaler.com/_next/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2F----category-images%2Fadvanced-persistent-threats%2Fzscaler-blog-advanced-persistent-threats-2%25402x.jpg&w=640&q=75
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22147435acc9ecc41bb846cafae52d28f46ee418ff8c84280c627c843d7b3c92
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN cms.zscaler.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TWPN5JSGDQ6DV8ZP7CN
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
0
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
38-PI4w8PWmpqigxSFGY9yA3aU88Ps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN cms.zscaler.com
content-type
image/webp
cache-control
public,max-age=0,must-revalidate
x-middleware-next
1
cf-ray
85cd6518eced65ae-FRA
image
www.zscaler.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Findian_flag.jpg&w=640&q=75
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1913d4abf823d48d7baea4ef9dfa47b932188db3e19c4563e07e298de8a60d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN cms.zscaler.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TWM5FFN51SFR86NA5DN
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
155647
content-length
7368
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"1cc8-rMvSEeJPxsG2hAFeZJ5XxthkBFY"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN cms.zscaler.com
content-type
image/webp
cache-control
public,max-age=0,must-revalidate
x-middleware-next
1
cf-ray
85cd6518ecee65ae-FRA
image
www.zscaler.com/_next/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fshutterstock_411660106.jpg&w=640&q=75
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8600af66416653c8348551876f1466872949730c3d8c7925f392ac6824cb0aab
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN cms.zscaler.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TWW7TZB2HMMNY9MGJA8
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
0
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"7f72-j1gruFCrARPNDA1NmKHnJjhl5gs"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN cms.zscaler.com
content-type
image/webp
cache-control
public,max-age=0,must-revalidate
x-middleware-next
1
cf-ray
85cd6518ecef65ae-FRA
02751ebafd40155e.css
www.zscaler.com/_next/static/css/ 		95 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/02751ebafd40155e.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-7a34f091b679c40f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e05217cb6c08c8ac8fccd62fe7541004252cb0fd5fe47716ea55bc7aa555f5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TWNDG02RTRZCKZ9EKDR
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14342
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"ef75d7a53cc746344d1f77b9626c415c-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd6518ecf065ae-FRA
60eb4664b635b404.css
www.zscaler.com/_next/static/css/ 		76 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/_next/static/css/60eb4664b635b404.css
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-7a34f091b679c40f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8c8f5340dc34290a19d0068536f04e17fb8e3faaf46cb3335a10fd7a475d24
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TWPN1QV5QP44HZYPSAK
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
14344
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"fb3cd16a13310e72ac102aaa68fcf533-ssl-df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
cf-ray
85cd6518ecf165ae-FRA
image
www.zscaler.com/_next/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Findia-europe-blog-tile-img-700x467-Opt1.jpg&w=1920&q=75
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d3902f1f14b183805345377b81268ea40eae93eaa9cfe5eab2b5bef5533c59
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN cms.zscaler.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8TXCPMEEW429TGJG9SJW
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
0
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"123e6-F1tFKjK2amjYxrES4QpXR9vTRuo"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN cms.zscaler.com
content-type
image/webp
cache-control
public,max-age=0,must-revalidate
x-middleware-next
1
cf-ray
85cd65190cf765ae-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
85cd6519afa82bd9-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.2.0/ 		429 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619961cc5419607d2024e330d6c57c6574bf7610260fb43362fbbcc800854d5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
S1Y6/40RYuKp4yHMipHDTg==
age
77158
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106707
x-ms-lease-status
unlocked
last-modified
Mon, 26 Feb 2024 03:25:08 GMT
server
cloudflare
etag
0x8DC367A88B71ACE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c2ae3a7-001e-0072-3a8f-683ecc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd6519fc38360b-FRA
en.json
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/7e39d72d-1927-46f7-a0e0-f2afc442f33f/ 		86 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/7e39d72d-1927-46f7-a0e0-f2afc442f33f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50970779ad17a87bb8b369bc2a10e5d1ee0f842840da83cb66b8879cc949162b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
40267
content-md5
7RjEYhdiCyD4fxV0gtHojA==
content-length
21100
x-ms-lease-status
unlocked
last-modified
Sat, 17 Feb 2024 09:22:17 GMT
server
cloudflare
etag
0x8DC2F99EF9C416D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7c5386b1-801e-007c-1e82-61177c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd651a9d9d2c4f-FRA
expires
Fri, 01 Mar 2024 02:14:38 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dEXtQ1jHQn9CULgzadH0PQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Mon, 26 Feb 2024 03:25:02 GMT
server
cloudflare
etag
0x8DC367A852356FA
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c3156efa-301e-008d-3698-680e51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd651afdc22c4f-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
hR6ntQdnJDAD8IiMz8NXkg==
age
19045
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Mon, 26 Feb 2024 03:25:04 GMT
server
cloudflare
etag
0x8DC367A862F9681
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8861f7dc-901e-0002-4f96-68873b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd651afdc32c4f-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Mon, 26 Feb 2024 03:25:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
016aeaf4-d01e-0013-5d97-681d8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
85cd651afdc42c4f-FRA
gtm.js
www.googletagmanager.com/ 		507 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c24bb023f08599741208ac6c44edde2506c38f6e18e4792ad7b1ed5bbc866fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134075
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Feb 2024 02:14:38 GMT
fail-over.js
www.zscaler.com/ 		0
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zscaler.com/fail-over.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-7a34f091b679c40f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id
01HQSA8V8TMX4ACBKZANRZYB8T
date
Thu, 29 Feb 2024 02:14:38 GMT
content-security-policy
default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
cf-cache-status
DYNAMIC
age
13441
content-length
0
x-xss-protection
1; mode=block
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"642bae6f53086a582ac010d18b576c9f-ssl"
x-frame-options
SAMEORIGIN https://cms.zscaler.com
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
cf-ray
85cd651b5df465ae-FRA
zscaler-variation-icon-white.png
cdn.cookielaw.org/logos/0ab9c0b7-247a-4ae1-b653-bc1c2e1efb99/256f2a6f-666d-41eb-84f6-97d1c369757f/c698a5b3-da88-44d7-a9e1-c8ef1ffbadd6/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/0ab9c0b7-247a-4ae1-b653-bc1c2e1efb99/256f2a6f-666d-41eb-84f6-97d1c369757f/c698a5b3-da88-44d7-a9e1-c8ef1ffbadd6/zscaler-variation-icon-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4e274c5793e7cd62cb67e2630278ef4a470b4baa35cb3b42e145717faed336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Feb 2024 02:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
AjwaatmEihRgIitZTQhd5w==
age
51116
content-length
1448
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 04:58:22 GMT
server
cloudflare
etag
0x8DC292BBDAF597C
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4fdfa376-401e-00a8-685d-61a72d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
85cd651b7cc7360b-FRA
js
www.googletagmanager.com/gtag/ 		293 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62fc8cea9950242002f5f14e55109e33e44aa116ca5d714aa074471f72949d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99045
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Feb 2024 02:14:38 GMT
destination
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-973777747&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8ecffd45e2109c9c4e158a198caa44a299e65db55b376cc70f0c97165c0eb1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77901
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Feb 2024 02:14:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Feb 2024 01:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1590
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 29 Feb 2024 03:48:09 GMT
destination
www.googletagmanager.com/gtag/ 		255 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-812494211&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56825a18609edf018f2aa9171e46577bf1f567a1bd53da6042d2d2525c2a010f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87887
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Feb 2024 02:14:38 GMT
6934ae2b-4c76-4229-97d0-8f637b004b88.js
j.6sc.co/j/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
uLuCr1hhLpJjZt0sFSB89FSJa4YqIrE7
date
Thu, 29 Feb 2024 02:14:39 GMT
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
3771
pragma
no-cache
last-modified
Tue, 02 May 2023 17:36:47 GMT
server
AmazonS3
etag
"afb8c61166e7f50fe6d7ab7b6377733c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
j28sVXycimd0vmEsQ2ULB4yBPLJIkkcULK7J6rjLZgnd5bCvMk9bjA==
expires
Thu, 29 Feb 2024 02:14:39 GMT
roundtrip.js
s.adroll.com/j/ 		80 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:4a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af151592386fa0fbeb1de70e7cfad51720dc99626d92070cc40ba74fdbc1e85a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Thu, 29 Feb 2024 01:39:02 GMT
X-Amz-Version-Id
CLfV4shnsLPv_YA1kCPcePB0KwsnXK4r
Content-Encoding
gzip
Via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
Age
2137
X-Amz-Cf-Pop
MUC50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 22 Feb 2024 18:36:18 GMT
Server
AmazonS3
Etag
W/"8383a35d69d96ee7d6073ad727028386"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
KBpe-q8JvTsVn-NdoO56fEMjIN2c7pBvo_TfTEcxPMXykucuviAQjg==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c12d636cb5268c2f7f86c34ec5b1af2826a685eae5e503aece3c477fdd97a971
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Feb 2024 20:48:24 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=66878
accept-ranges
bytes
content-length
647
6635.js
script.crazyegg.com/pages/scripts/0097/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0097/6635.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1b62ebdc0c45ecba861f2fb9a04dbc120ac946fd065cb22a4d2d1d09e3e3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7921
cf-polished
origSize=6112
ce-version
11.5.188
cf-bgj
minify
last-modified
Thu, 29 Feb 2024 00:02:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
85cd651dfb30bbd1-FRA
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 29 Feb 2024 02:14:38 GMT
last-modified
Thu, 22 Feb 2024 21:00:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EB1318E554B9401A9285758DBA4FAE3E Ref B: FRA31EDGE0716 Ref C: 2024-02-29T02:14:39Z
etag
"0adee36d265da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13197
bizible.js
cdn.bizible.com/scripts/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
f4ab0a26662426d1b923b7a4efde23bd97b936efd67c3bcd569c2176358b327d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
last-modified
Thu, 22 Feb 2024 17:56:31 GMT
server
ECS (frb/67D4)
age
18147
etag
"6c3d6e77b865da1:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25393
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Feb 2024 02:14:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
N+/m4qKWz2dVy9fAEwjo4VYZ7aCxnZ/VLiBsSeBwWHaL4XEyP0EFq6Vp9jigTlmBzbhWab11i/OsPhJJrvMvxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking.js
trk.techtarget.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:973c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
server
cloudflare
age
84364
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1200
cf-ray
85cd651def4b195c-FRA
expires
Thu, 29 Feb 2024 02:34:39 GMT
zi-tag.js
js.zi-scripts.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
x-amz-version-id
lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Dec 2023 12:17:02 GMT
server
cloudflare
via
1.1 4e44ab675e04b2d505f10321504a5be2.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P5
etag
W/"15c02cdee0df6c26ba3d8c62d912c66c"
age
75520
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cf-ray
85cd651dbfd658ea-TXL
x-amz-cf-id
e3SQmDyatbDNz8XLVuSktC46JbsMR8U0fP8f0o1nePEfhPyTOaZ2AA==
tags.js
tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/ 		0
0
spx
dx.mountain.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cb=83863846588762320term=value
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-149-65.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5453c10ba79ea5cd2df54b880fb6c07ed470304db1680ec57d03553043898dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
x-envoy-upstream-service-time
3
be
spx-prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
fullcircle.js
d2i34c80a0ftze.cloudfront.net/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:7800:9:14eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa2b8282a1438a0e53971aa29a5c54f2911a3cb79b44cc20f8521ead150c458f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:29:18 GMT
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront), 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-C1, MUC50-P2
age
74720
x-amzn-requestid
a4e1e95f-0fe6-421a-b49c-fb2e3e720ebd
x-amzn-trace-id
Root=1-65dec4ae-71fb41323feae9ab52423d65;Parent=15d8340ba04f6983;Sampled=0;lineage=be50798f:0
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
T1OrXHI6PHcEOLA=
x-amz-cf-id
H0TF39BvmYDqkAOQJwEi8IVzmlqx_Uipin29pNnyQ5MNkEoXd4Fe0g==
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:06:10 GMT
content-encoding
gzip
age
509
x-guploader-uploadid
ABPtcPrdXieS_83rwfiKG2DLE6i6LvA4OO_ki2Y8V6YmkhFvTLjzaL_UvNNIQRRckNqLUdOXuvVWu-r4Vw
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Thu, 29 Feb 2024 03:06:10 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-812494211
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a44b250a3df5c6288d88e99a129be57792edf4ebc9307e1f027d87a88ae35fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87717
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Feb 2024 02:14:38 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 07:03:12 GMT
Content-Encoding
gzip
Via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
Last-Modified
Wed, 17 Jan 2024 00:44:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
69088
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
sdiMJJGiWoaXz15sdxi1940D1VNeN77hXQ1CeCXngG5BZ5B83IjSYA==
sf14g.js
t.sf14g.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sf14g.com/sf14g.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.184.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-184-178.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.118.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-118-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Thu, 29 Feb 2024 02:14:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1709172879027&cv=11&fst=1709172879027&bg=ffffff&guid=ON&async=1&gtm=45be42q1v882815967z871607006za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&hn=www.googleadservices.com&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&pscdl=noapi&auid=787449823.1709172879&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-812494211&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1dc93607551d2a0a07f0dd787c80bedd38337ce2769efb52d5975226db259e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/973777747/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973777747/?random=1709172879042&cv=11&fst=1709172879042&bg=ffffff&guid=ON&async=1&gtm=45be42q1z871607006za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&hn=www.googleadservices.com&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&pscdl=noapi&auid=787449823.1709172879&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-973777747&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0bf5bb58732f1aa0ec184c498b1d59a4181c51cef07a573f15890668de6799d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je42q1v883639532z871607006za200&_p=1709172878595&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1011682454.1709172879&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709172879&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&dt=WINELOADER%20Analysis%20%7C%20ThreatLabz&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.page_language=en&ep.page_hostname=www.zscaler.com&ep.blog_published_date=20240227&ep.blog_child_category=Threatlabz%20Research&ep.author_name=SUDEEP%20SINGH&ep.author_name_2=ROY%20TAY&ep.nid=75801&tfd=3497
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zscaler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-10SPJ4YJL9&cid=1011682454.1709172879&gtm=45je42q1v883639532z871607006za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zscaler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-10SPJ4YJL9&cid=1011682454.1709172879&gtm=45je42q1v883639532z871607006za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=616139177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
T4FGihVdvHcESvQ=
cf-cache-status
DYNAMIC
cf-ray
85cd651ecd8144fe-TXL
date
Thu, 29 Feb 2024 02:14:40 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 a0e0d3e0dbd48638b1d23188b5e70fdc.cloudfront.net (CloudFront)
x-amz-cf-id
Ui1tDWluueNUNrDrN36pQiNp_sLgArkQ0ufiCv6La2HXzOUQ0iy4sw==
x-amz-cf-pop
BAH53-C1
x-cache
Miss from cloudfront
x-powered-by
Express
getSubscriptions
js.zi-scripts.com/unified/v1/master/ 		199 B
452 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
651e0a935201856c4b3e39ba28ae07c50a51b683a0004078334643d8762b1995

Request headers

visited_url
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer e6609b6e9a1669129391
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Feb 2024 02:14:40 GMT
via
1.1 4e44ab675e04b2d505f10321504a5be2.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
TXL50-P5
x-powered-by
Express
etag
W/"c7-kxy7qhKLrWVXj76wdm8WeY7UFz0"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
85cd65251a7a44fe-TXL
x-amz-cf-id
rcNXrjj46MfqnNr0U_EhWw1NjY7VFL-VwwjxUlCXfMk6-_WOFcoBLw==
apigw-requestid
T4FGpg_YPHcESYg=
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1992130955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&ul=en-us&de=UTF-8&dt=WINELOADER%20Analysis%20%7C%20ThreatLabz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1423298272&gjid=2087266322&cid=1011682454.1709172879&tid=UA-6177009-1&_gid=462640689.1709172879&_slc=1&gtm=45He42q1n715SLZFKv71607006za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1772237857
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zscaler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6177009-1&cid=1011682454.1709172879&jid=1423298272&gjid=2087266322&_gid=462640689.1709172879&_u=YCDAiEABBAAAAGAAI~&z=279340400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zscaler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:20c3:4a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 19:34:25 GMT
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
Age
24015
X-Amz-Cf-Pop
MUC50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
eE-_z2zvzLbrFNDD4IbtqTDRAwp8eh_2HiyRg2b3bpiLDSunW9dY6A==

Redirect headers

Date
Wed, 28 Feb 2024 18:30:18 GMT
Via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
Age
27860
X-Amz-Cf-Pop
MUC50-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
TG7nEJr_fLm2uy3JyQilW0dooh8hL78SrdcmWAd1h0BA6HufCHnr9g==
index.js
s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/ 		0
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:4a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id
0kfsVD7DlNf2MHi3_FUcp.bF.9LlZlIC
Date
Thu, 29 Feb 2024 02:14:39 GMT
Via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
Age
109
X-Amz-Cf-Pop
MUC50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Mon, 26 Feb 2024 11:59:50 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
MqqrX80hysFhwlMrChnhUOzLacz1iHSmwBqwbpW5oLUAVB55xC5WGA==
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dec888202913f9630b63196880ea2e96210c59df2905e55154fe88432c1b0e3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Feb 2024 18:22:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=40899
accept-ranges
bytes
content-length
16524
gif.gif
ibc-flow.techtarget.com/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1709172879106&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 02:14:39 GMT
expires
Thu, 29 Feb 2024 02:14:39 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
ABPtcPolvQfd9D2KfhM-ecF1xU6E_Pz-3Ki9I_FpNrthcUOYz1hFirg3VZK7A0tMqVvIoQEv-5WteC36Hg
gif.gif
ibc-flow.techtarget.com/a/ 		43 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1709172879106&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier
2334982
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
via
1.1 google
x-guploader-uploadid
ABPtcPovqio0mYxBTqEp3TQVl-3AJItIRnxJi9kypdttgq-c7ktsDfuVYPk_CW6lRNBYI-WCAus
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
server
nginx/1.20.2
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
vary
Origin
x-goog-generation
1670534369365034
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control
public, max-age=3600
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-length
43
accept-ranges
bytes
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires
Thu, 29 Feb 2024 03:14:39 GMT
www.zscaler.com.json
script.crazyegg.com/pages/data-scripts/0097/6635/site/ 		138 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0097/6635/site/www.zscaler.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033e89762c7a86eab5dff91e727e710cb6ec0b1f0b9956c5c3e512c45be8335c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12144
ce-version
11.5.188
content-length
18430
last-modified
Wed, 28 Feb 2024 22:52:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cd651f0b60382b-FRA
26354555.js
bat.bing.com/p/action/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26354555.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfbd8d7a089d17409d244b68361d28f48afd0eceb7ef00f965afeba00468c780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 29 Feb 2024 02:14:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9E93A49FA97142BA8621A8AA4457E223 Ref B: FRA31EDGE0716 Ref C: 2024-02-29T02:14:39Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
1778897272132032
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1778897272132032?v=2.9.147&r=stable&domain=www.zscaler.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72a191e37e73098712a6e4788bb7c4c8826b52d393ba0bb1d1a87bf5dca38813
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Feb 2024 02:14:39 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
40CFAPTpMoA7bsTiMXhcO0wrSxmDKkwjXcebWLM2sqyct+zt4d8mytvDWxBen1U6B7/Ns4GtsZ7filSsjpqWTw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-di...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-di...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1709172879153%26li_adsId%3D8ee5ed91-d36f-4b15-87dd-2f71079bb8c8%26...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-di...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-d...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cookiesTest=true&liSync=true&e_ipv6=AQJDwIzpbBkDDAAAAY3ypHJU1dXcHf2VKHTsSmtbdweAy5ErxdMuF3_OaKCpZe2vYr3R5Go
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9A69DFCDBC79421AA3DE3C11B80AA035 Ref B: FRAEDGE1118 Ref C: 2024-02-29T02:14:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYSe9JiqtFUlQ4HPj9gEQ==

Redirect headers

date
Thu, 29 Feb 2024 02:14:39 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FD69B6464D7C465DB8BA69DB00C030F7 Ref B: DUS30EDGE0308 Ref C: 2024-02-29T02:14:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1709172879153&li_adsId=8ee5ed91-d36f-4b15-87dd-2f71079bb8c8&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cookiesTest=true&liSync=true&e_ipv6=AQJDwIzpbBkDDAAAAY3ypHJU1dXcHf2VKHTsSmtbdweAy5ErxdMuF3_OaKCpZe2vYr3R5Go
x-li-proto
http/2
content-length
0
x-li-uuid
AAYSe9JegDEHfnjQihU4qg==
26354555
bat.bing.com/p/insights/t/ 		724 B
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/t/26354555
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/26354555.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a67063017039d29c7ce0b227538df8a83192275dbf04cdb5c509cfd6da6eebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
-1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 29 Feb 2024 02:14:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6555E82E0E9D4A23957635367C7C5F6E Ref B: FRA31EDGE0716 Ref C: 2024-02-29T02:14:39Z
vary
Accept-Encoding
x-azure-ref
20240229T021439Z-5f3z977yth1gr3u3d2rmwmm85800000002v0000000004quu
content-type
application/x-javascript
x-cache
CONFIG_NOCACHE
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
616
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		2 B
123 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f258b3b2fcf288bb7385602c43830cef
cache-control
private
function-execution-id
ezs8wtwr8jmy
access-control-allow-headers
Content-Type, Accept
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 02:14:39 GMT
function-execution-id
nuxi5mftnyj1
server
Google Frontend
x-cloud-trace-context
69e0963d1cd3052cbad111835a3ff941
ULSJHTPGTZGY3EPPZSKHKS
d.adroll.com/consent/check/ 		531 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/ULSJHTPGTZGY3EPPZSKHKS?pv=70438906519.30975&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&_s=360010f811a93d3457b3918e12139a2f&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9001:9e85:f878:f35e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
26ccef7de6e2531d69dc022399a438b3fdc284eb9354118801c80bc33dc79601

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
server
nginx/1.22.1
content-length
531
content-type
application/javascript
/
www.google.com/pagead/1p-user-list/812494211/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/812494211/?random=1709172879027&cv=11&fst=1709172000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1v882815967z871607006za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqjZdM_SmBhXOZtOE28dGCRjohp9YAIw&random=2912153038&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/812494211/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/812494211/?random=1709172879027&cv=11&fst=1709172000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1v882815967z871607006za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqjZdM_SmBhXOZtOE28dGCRjohp9YAIw&random=2912153038&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/973777747/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973777747/?random=1709172879042&cv=11&fst=1709172000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1z871607006za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqyLYS55qOM7FhVP_sU58qwo4bcSc0Bw&random=1149098218&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/973777747/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/973777747/?random=1709172879042&cv=11&fst=1709172000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1z871607006za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqyLYS55qOM7FhVP_sU58qwo4bcSc0Bw&random=1149098218&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ccea4752686d7aca062c5b1c67b398d2.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/ccea4752686d7aca062c5b1c67b398d2.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d8c9451e6f1ca00266cb0033ca75a112276883ce38858573c7a8ae60e9a6e0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 17:08:38 GMT
server
cloudflare
age
35391
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cd651f5bd2bbd1-FRA
content-length
47001
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1778897272132032&ev=PageView&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&rl=&if=false&ts=1709172879248&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1709172879246.1019116065&cs_est=true&ler=empty&cdl=API_unavailable&it=1709172879137&coo=false&exp=e1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Feb 2024 02:14:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6177009-1&cid=1011682454.1709172879&jid=1423298272&_u=YCDAiEABBAAAAGAAI~&z=354781428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6177009-1&cid=1011682454.1709172879&jid=1423298272&_u=YCDAiEABBAAAAGAAI~&z=354781428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
munchkin.js
munchkin.marketo.net/163/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.118.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-118-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Thu, 29 Feb 2024 02:14:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Sat, 08 Jun 2024 02:14:39 GMT
www.zscaler.com.json
script.crazyegg.com/pages/data-scripts/0097/6635/sampling/ 		154 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0097/6635/sampling/www.zscaler.com.json?t=474770
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/ccea4752686d7aca062c5b1c67b398d2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1089d247d1abd46a3fe8e06d995be9df10fac4c24d325df629b484268e2d093f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12139
ce-version
11.5.188
content-length
145
last-modified
Wed, 28 Feb 2024 22:52:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cd651fbba3382b-FRA
0.7.20
bat.bing.com/p/insights/s/ 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/s/0.7.20
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/26354555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 29 Feb 2024 02:14:38 GMT
x-cache
CONFIG_NOCACHE
x-fd-int-roxy-purgeid
51562430
content-length
14592
last-modified
Wed, 24 Jan 2024 14:34:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C3C213A1811D4C86A3E2ECB8C371677F Ref B: FRA31EDGE0716 Ref C: 2024-02-29T02:14:39Z
etag
W/"0x8DC1CE988AFCDA8"
vary
Accept-Encoding
x-azure-ref
20240229T021439Z-ygdb1t7d211fm4epypy7sstzb000000007f0000000008cp0
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e35fce7e-901e-0036-307a-66a3ab000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/ccea4752686d7aca062c5b1c67b398d2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 13c8b9a0a39ad1238a922185ad5547fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
13998672
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
7ZJovwFK4Ii9vPj-nvrD5VYoI2kq09nnLXdz9Ka0N8VJz0-t5D8_vw==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/ccea4752686d7aca062c5b1c67b398d2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-45.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
6137471
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
OLUm8cfXxBl5mYJnW8ljX3Tc068_v_m4u5rqgtWmdKpSSJxSRzs0Ew==
d9850b4d-05f6-44c7-b47f-9bddf6e9cf35
https://www.zscaler.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zscaler.com/d9850b4d-05f6-44c7-b47f-9bddf6e9cf35
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
visitWebPage
306-zej-256.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://306-zej-256.mktoresp.com/webevents/visitWebPage?_mchNc=1709172879412&_mchCn=&_mchId=306-ZEJ-256&_mchTk=_mch-zscaler.com-1709172879412-99607&_mchHo=www.zscaler.com&_mchPo=&_mchRu=%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Thu, 29 Feb 2024 02:14:40 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
a9fdf4be-7738-43a1-8994-80d329a91f67
6si.min.js
j.6sc.co/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Feb 2024 19:00:41 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65d799d9-101dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
17693
expires
Thu, 29 Feb 2024 02:14:39 GMT
create
st.fullcircleinsights.com/v1/visitors/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://st.fullcircleinsights.com/v1/visitors/create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
js-version,origin-fci,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.zscaler.com
content-length
1
content-type
application/json
date
Thu, 29 Feb 2024 02:14:39 GMT
via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
x-amz-apigw-id
T4FGiG9yvHcEhFw=
x-amz-cf-id
Ke8X4nXBmnddk8M2jXuKKIflIT-7o9LamMkOwsCSX_Zf2hdQP5iXCA==
x-amz-cf-pop
MUC50-P2
x-amzn-requestid
0f9273a4-b30e-4007-89e6-622b671a3001
x-cache
Miss from cloudfront
create
st.fullcircleinsights.com/v1/visitors/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.fullcircleinsights.com/v1/visitors/create
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
/
Resource Hash
b83a8509ec6a8a171e6e747ac33e72f1cac0f02069c4351866f6f3a40dee75ea

Request headers

origin-fci
https://www.zscaler.com
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
js-version
1.0.59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
x-api-key
qJ5ZUG1BW44UIJbuBg8oP93ofs3xOFTZ7XFCqaSv
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Feb 2024 02:14:40 GMT
via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-amzn-trace-id
Root=1-65dfe890-641d53b4773ce59f22f49064;Parent=67cae36c50948721;Sampled=0;lineage=7c392b7c:0
x-amzn-requestid
62cd068d-f034-47e6-ab27-170b8a0e3ba7
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.zscaler.com
x-amz-apigw-id
T4FGnH8sPHcEWpg=
content-length
1407
x-amz-cf-id
l0SbOvKDPdJnnm_w6qpR5S0nq-VrFfUGasNE1AgQPY1QbKbjrc9gXw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1709172879497&cv=11&fst=1709172879497&bg=ffffff&guid=ON&async=1&gtm=45be42q1v882815967za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&hn=www.googleadservices.com&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&pscdl=noapi&auid=787449823.1709172879&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-812494211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd4443e489a08e406ae97470c8ddeeb5c0dd4fefd7cdf540d4150141c14600fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1373
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w
bat.bing.com/p/insights/c/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/c/w
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/x-webinsights-gzip
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Feb 2024 02:14:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9FA0EA4EB7C94472A7A26719D123EF4C Ref B: FRA31EDGE0716 Ref C: 2024-02-29T02:14:39Z
vary
Origin
x-cache
CONFIG_NOCACHE
access-control-allow-origin
https://www.zscaler.com
access-control-allow-credentials
true
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
3624a96c-efbf-44f9-8cd8-5c02cea858b5
https://www.zscaler.com/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.zscaler.com/3624a96c-efbf-44f9-8cd8-5c02cea858b5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
up
insight.adsrvr.org/track/ Frame 32EF 		0
0
clock
tracking.crazyegg.com/ 		38 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1709172879523&tk=80f93ae68d664369d14c6654f4ff8042&s=366477&p=%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&u=976635&v=07154c8477f3ee87fd5d8a6d243d3c454bcc110c&f=zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&ul=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.100.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-100-15.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
92c64e0ba29d4d830846c7b09afe191979744041038980b7673f502d717d6d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Feb 2024 02:14:39 GMT
cache-control
no-store
server
awselb/2.0
content-length
38
content-type
text/plain
getuidj
secure.adnxs.com/ 		11 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
an-x-request-uuid
d70f0df8-9233-4a3e-933f-6f5e62f5b100
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zscaler.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.102; 80.255.7.102; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/ 		7 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.zscaler.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		19 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0ae602e4b19bb4491ccba1bab200ae243fa876b70cefdd8894ae0111a788306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.zscaler.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a01:4a0:1338:92::9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1709172879593_388391911_41177866_29_944_38_79_219";dur=1
content-length
19
expires
Thu, 29 Feb 2024 02:14:39 GMT
/
c.6sc.co/ 		7 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.zscaler.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		19 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0ae602e4b19bb4491ccba1bab200ae243fa876b70cefdd8894ae0111a788306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.zscaler.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a01:4a0:1338:92::9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1709172879672_388391911_41177867_28_936_38_79_219";dur=1
content-length
19
expires
Thu, 29 Feb 2024 02:14:39 GMT
/
www.google.com/pagead/1p-user-list/812494211/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/812494211/?random=1709172879497&cv=11&fst=1709172000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1v882815967za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqbiEnEZvKBtNdTIyvphjHZh9wyF42b87-zqWhG9jjVWDBxTgu&random=2050820046&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/812494211/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/812494211/?random=1709172879497&cv=11&fst=1709172000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1v882815967za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&frm=0&tiba=WINELOADER%20Analysis%20%7C%20ThreatLabz&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqbiEnEZvKBtNdTIyvphjHZh9wyF42b87-zqWhG9jjVWDBxTgu&random=2050820046&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22ab9750bca4342498694e239e304dd3a9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221dc729230d6b8d19bab5e6236d81f60c4dca0823%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%226934ae2b-4c76-4229-97d0-8f637b004b88%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22ab9750bca4342498694e239e304dd3a9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221dc729230d6b8d19bab5e6236d81f60c4dca0823%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%226934ae2b-4c76-4229-97d0-8f637b004b88%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
details
epsilon.6sense.com/v3/company/ 		725 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.208.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-208-225.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
Authorization
Token 1dc729230d6b8d19bab5e6236d81f60c4dca0823
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-6s-CustomID
WebTag 6934ae2b-4c76-4229-97d0-8f637b004b88

Response headers

x-trace-id
2658313459283328140
date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json
x-6si-region
eu-central-1a
access-control-allow-origin
https://www.zscaler.com
access-control-expose-headers
X-6si-Region
access-control-allow-credentials
true
timing-allow-origin
https://6sense.com, https://www.ssga.com
content-length
387
details
epsilon.6sense.com/v3/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.208.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-208-225.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.zscaler.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
date
Thu, 29 Feb 2024 02:14:39 GMT
server
nginx
timing-allow-origin
https://6sense.com, https://www.ssga.com
x-6si-region
eu-central-1a
x-trace-id
2236439562126542531
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A9%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:49:38 GMT
server
cloudflare
age
35392
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cd65229d20bbd1-FRA
content-length
8025
974d3ebe-f829-4609-a3f8-fa82fc9c6634
https://www.zscaler.com/ 		256 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zscaler.com/974d3ebe-f829-4609-a3f8-fa82fc9c6634
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac0ee85e70983eefc35eb7d35b815b65fdcc5cdc044eef5c048dce7c726e9526

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
256
Content-Type
text/javascript
b0e17bcf43b51c91e67fbde54b1bc150.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/b0e17bcf43b51c91e67fbde54b1bc150.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14edb63144690e6c4ecec619bacb9293014169b6b177be4df6f5aae84fdbc53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2024 13:12:52 GMT
server
cloudflare
age
35392
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cd6522dd3bbbd1-FRA
content-length
30700
/
px.ads.linkedin.com/wa/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Feb 2024 02:14:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: ECEB6C49F04B48038FA501AE163CAA1F Ref B: DUS30EDGE0308 Ref C: 2024-02-29T02:14:40Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.zscaler.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYSe9JlhfyTQ2TFcyK6jA==
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A39%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:40 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
queue
st.fullcircleinsights.com/v1/visits/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.fullcircleinsights.com/v1/visits/queue
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
/
Resource Hash
6d50d10b778307c65cec723f2ec7beea25c203abcf1ef1580f9963cfee2185e0

Request headers

origin-fci
https://www.zscaler.com
Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
js-version
1.0.59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
x-api-key
qJ5ZUG1BW44UIJbuBg8oP93ofs3xOFTZ7XFCqaSv
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Feb 2024 02:14:41 GMT
via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-amzn-trace-id
Root=1-65dfe891-63d13ce047d5e28849454c5c;Parent=5a81ae2a414a2d50;Sampled=0;lineage=adebd93c:0
x-amzn-requestid
f2b5ee4b-aedf-4283-91bc-e0e2795dfa63
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.zscaler.com
x-amz-apigw-id
T4FGxEP9vHcEecw=
content-length
2064
x-amz-cf-id
m6rb9xZz_QlJ0Z1-oHwrASdpjrvQb0RNzrwNB6Fsdn4BYGN3JrwuMA==
queue
st.fullcircleinsights.com/v1/visits/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://st.fullcircleinsights.com/v1/visits/queue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-91.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
js-version,origin-fci,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.zscaler.com
content-length
1
content-type
application/json
date
Thu, 29 Feb 2024 02:14:41 GMT
via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
x-amz-apigw-id
T4FGtFTxPHcETyg=
x-amz-cf-id
d2KRdfAkZiAmQo8IwJSAfnwqS1YtrosD_-NfcjdRaK132Fyy5V4wjA==
x-amz-cf-pop
MUC50-P2
x-amzn-requestid
3b8a71a9-2fea-41e9-a86b-b469f1fa1397
x-cache
Miss from cloudfront
/
ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://www.zscaler.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85cd6529af6865b6-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 02:14:41 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
formcomplete.js
ws-assets.zoominfo.com/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff1b16ebe5d1a63a88b474f3173e88dc249a541f539f0efb8b6a2413ea84605

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
2487
x-guploader-uploadid
ABPtcPq762lT0qb3GSwpgW7I4TSOGfFyklV7LofEKI2WcnsoDYflln2vEzB3HYT-qB7_LLiBeNl40UUd4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Feb 2024 12:32:35 GMT
server
cloudflare
etag
W/"bfb356311b79124403b7a14428149b19"
x-goog-hash
crc32c=J4jeCA==, md5=v7NWMRt5EkQDt6FEKBSbGQ==
x-goog-generation
1708432355098391
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
87793
cf-ray
85cd6529ae5318fd-FRA
expires
Thu, 29 Feb 2024 02:33:13 GMT
/
ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
63be610a259d87102209ef2be3cc3fb1d2914d6e6ab9c4b5eb31627dba2a8433
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

visited-url
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Referer
https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
_vtok
ODAuMjU1LjcuMTAy
_zitok
08e49e0abfc01f01f5d31709172880
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/javascript

Response headers

date
Thu, 29 Feb 2024 02:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.zscaler.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
85cd652b4ebd65b9-FRA
forms
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.zscaler.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.zscaler.com
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85cd652a3f8b65b6-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 02:14:41 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
forms
ws.zoominfo.com/formcomplete-v2/ 		321 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7b2a1e7ec66641ad958a36774552cc40712f052e2db6542cacc01fd2dbcde58c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
Authorization
bearer 370c892e688e1744cd312ed1426b3a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Feb 2024 02:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"141-mLq6O+j3ZcyvZxAx4AvrvpOh24w"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zscaler.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
85cd652b4ebf65b9-FRA
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A40%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222009%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:41 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
st
px.mountain.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1011682454.1709172879&shpt=WINELOADER%20Analysis%20%7C%20ThreatLabz&ga_info=%7B%22status%22%3A%22One%20of%20the%20required%20properties%20not%20evaluated%20(mntnis%2C%20ga_tracking_id%2C%20ga_client_id%2C%20shpt).%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221709172879%22%7D%2C%7B%22id%22%3A%22UA-6177009-1%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221011682454.1709172879%22%2C%22shpt%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%2C%22dcm_cid%22%3A%221709172879.1%22%2C%22dcm_gid%22%3A%22462640689.1709172879%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1709172879.1&dcm_gid=462640689.1709172879&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221709172879%22%7D%2C%7B%22id%22%3A%22UA-6177009-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cb=83863846588762320term%3Dvalue&shoid=%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&shadditional=language%3Den%2Cadroll%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cb=83863846588762320term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
40a722d81e375022831716b3a9b4c41fa917a0290c3643399a5966c5162c138f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:42 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
1
connection
close
gs
gs.mountain.com/ 		144 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gs.mountain.com/gs
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
4b005617f68b2930e6826be91e73e61d454ebb9652aae03beeafe155fd206bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:43 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
0
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
144
x-application-context
application:prod:8080
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A41%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223009%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:42 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
st
px.mountain.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1011682454.1709172879&shpt=WINELOADER%20Analysis%20%7C%20ThreatLabz&ga_info=%7B%22status%22%3A%22One%20of%20the%20required%20properties%20not%20evaluated%20(mntnis%2C%20ga_tracking_id%2C%20ga_client_id%2C%20shpt).%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221709172879%22%7D%2C%7B%22id%22%3A%22UA-6177009-1%22%2C%22sess_id%22%3Anull%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221011682454.1709172879%22%2C%22shpt%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%2C%22dcm_cid%22%3A%221709172879.1%22%2C%22dcm_gid%22%3A%22462640689.1709172879%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1709172879.1&dcm_gid=462640689.1709172879&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221709172879%22%7D%2C%7B%22id%22%3A%22UA-6177009-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&shoid=%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&shadditional=language%3Den%2Cadroll%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1709172882284941&shguid=a9328cfd-576b-33d4-9176-5c74abe31fac&shgts=1709172883139
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
6dd392c466cd921d7bc4ee56ec561bd197bf42953b447e2bc10e5167b8376e0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:43 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
15
connection
close
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A42%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224010%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:43 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
app.js
acsbapp.com/apps/app/dist/js/ 		300 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57a87fafbf39eaa66eaaf03fb793f8e7022008d7d736c48059d812d4d533179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPpC9rmCR_OOeTQ3u9UpeSyVWkKN4uFQx3H05DAk6heej5Tg8j4uV-uelv8nFXzMbPe6Yw
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Feb 2024 13:47:44 GMT
server
cloudflare
etag
W/"a6344c87351b17f25994085c02e9cab8"
vary
Accept-Encoding
x-goog-hash
crc32c=vZ3O/A==, md5=pjRMhzUbF/JZlAhcAunKuA==
x-goog-generation
1708609664641855
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
306741
cf-ray
85cd653b2c7a65a6-FRA
expires
Fri, 28 Feb 2025 02:14:43 GMT
config.json
cdn.acsbapp.com/config/zscaler.com/ 		163 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/config/zscaler.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20594a73ecbdcb15e351a97aaed3f415fd3872c916d10a452bcb23b6329a06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPpy7ZKM5tUMrPjVudM67lQh_SybHwXqk9iu7JbOTnCvlFpqOGKIEcWC25tHed6yOexzKLM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 20 Feb 2024 16:21:37 GMT
server
cloudflare
etag
W/"1abca27397efc7e08a17533c485a8b59"
vary
Accept-Encoding
x-goog-generation
1708446097855326
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=cr7nwQ==, md5=Gryic5fvx+CKF1M8SFqLWQ==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
163
cf-ray
85cd653fdaee1d8e-FRA
expires
Fri, 28 Feb 2025 02:14:44 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je42q1v883639532z871607006za200&_p=1709172878595&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1011682454.1709172879&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sid=1709172879&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&dt=WINELOADER%20Analysis%20%7C%20ThreatLabz&_s=2&tfd=8796
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zscaler.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 02:14:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zscaler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A43%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%225014%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-219.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zscaler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 02:14:44 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tag.clearbitscripts.com
URL
https://tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/tags.js
Domain
insight.adsrvr.org
URL
https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&upid=27hmsyx&upv=1.1.0
Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=f6d90b3d-f23a-4e54-8cb8-b686de08d139&session=54ba9e30-4602-4b74-8854-bb2ae6f2deb3&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2029%20Feb%202024%2002%3A14%3A44%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%226019%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20technical%20analysis%20of%20a%20new%20threat%20actor%20delivering%20WINELOADER%20malware%20in%20a%20phishing%20campaign%20targeting%20European%20diplomats%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WINELOADER%20Analysis%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&pageViewId=9fb86adc-6e46-42a2-81b4-bf4b123f8cf9&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.15

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| OptanonWrapper object| OneTrustStub object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| test object| renderedForms string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| author object| authorArray string| GoogleAnalyticsObject function| ga function| doMarketoGASetup function| onYouTubeIframeAPIReady function| process6senseData string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| _linkedin_data_partner_id function| fbq function| _fbq object| techtargetic object| zi string| ZIProjectKey function| pdst number| sf14gv object| GooglebQhCsO object| gaGlobal object| zitag object| gaplugins object| gaData string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| UET function| UET_init function| UET_push object| ueto_926826e019 object| uetq function| lintrk boolean| _already_called_lintrk object| __adroll_consent_data string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API function| webinsights object| insightsuetq object| MunchkinTracker object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| _6si object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API object| $jscomp object| fcdsc function| fcdscLoad function| ES6Promise function| gtag function| ttd_dom_ready function| TTDUniversalPixelApi string| dcm_cid undefined| dcm_tid undefined| dcm_gid boolean| _storagePopulated object| ORIBILI object| _zi_fc object| regeneratorRuntime object| _zi string| avail_ga_sorted object| ziws object| irongate object| mntn object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget function| pure_addEventListener function| pure_removeEventListener

44 Cookies

Domain/Path Name / Value
.www.zscaler.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Feb+29+2024+03%3A14%3A38+GMT%2B0100+(Central+European+Standard+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&consentId=91f1f5df-cb41-4f6b-9cb6-0601870093e6&interactionCount=0&landingPath=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&groups=C0001%3A1%2CC0005%3A0%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0&hosts=H36%3A1%2CH59%3A1%2CH98%3A1%2CH109%3A1%2CH45%3A1%2CH46%3A1%2CH100%3A1%2CH79%3A1%2CH119%3A0%2CH123%3A0%2CH82%3A0%2CH88%3A0%2CH106%3A0%2CH145%3A0%2CH116%3A0%2CH4%3A0%2CH102%3A0%2CH76%3A0%2CH103%3A0%2CH60%3A0%2CH96%3A0%2CH20%3A0%2CH22%3A0%2CH97%3A0%2CH108%3A0%2CH65%3A0%2CH83%3A0%2CH131%3A0%2CH110%3A0%2CH111%3A0%2CH112%3A0%2CH114%3A0%2CH118%3A0%2CH101%3A0%2CH52%3A0%2CH133%3A0%2CH104%3A0%2CH105%3A0%2CH14%3A0%2CH149%3A0%2CH146%3A0%2CH15%3A0%2CH17%3A0%2CH134%3A0%2CH135%3A0%2CH136%3A0%2CH113%3A0%2CH115%3A0&genVendors=
.zscaler.com/ Name: _gcl_au
Value: 1.1.787449823.1709172879
.techtarget.com/ Name: __cf_bm
Value: _3Wt9Stgd3jqrJluf_sDG3xgjhsZ5Bxv30iou2E0U_Y-1709172879-1.0-AfRL8zNr0LIq9UbB9s/avl+RPbIfrFFE3DIJZ1Fu2e8aRkwGm3TL2cZi4cbzBnI1ODLpsXqjELfdiP2edASKLOk=
.zscaler.com/ Name: _ga
Value: GA1.2.1011682454.1709172879
.zscaler.com/ Name: _gid
Value: GA1.2.462640689.1709172879
.zscaler.com/ Name: _dc_gtm_UA-6177009-1
Value: 1
www.zscaler.com/ Name: __pdst
Value: 959d29cd48244a958c5887494076a0de
.zscaler.com/ Name: _fbp
Value: fb.1.1709172879246.1019116065
.zscaler.com/ Name: _ce.irv
Value: new
.zscaler.com/ Name: cebs
Value: 1
.zscaler.com/ Name: _uetsid
Value: 4ab2ea00d6a811eea93993dc9947524d|1tgh4rb|2|fjo|0|1520
.zscaler.com/ Name: _mkto_trk
Value: id:306-ZEJ-256&token:_mch-zscaler.com-1709172879412-99607
.linkedin.com/ Name: li_sugr
Value: 88f3fa00-b744-4e92-86b2-43bdf3226d38
.linkedin.com/ Name: bcookie
Value: "v=2&0aaf01a9-098f-4372-8a28-5af573fae4e1"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2701:u=1:x=1:i=1709172879:t=1709259279:v=2:sig=AQHpq66upl6VR2GvJsRos_OZAqDIsNYv"
.zscaler.com/ Name: _biz_uid
Value: e7be742804c24abbf34ca381e853e767
.zscaler.com/ Name: _biz_nA
Value: 2
.zscaler.com/ Name: _biz_pendingA
Value: %5B%22ipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3De7be742804c24abbf34ca381e853e767%26_biz_l%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblogs%252Fsecurity-research%252Feuropean-diplomats-targeted-spikedwine-wineloader%26_biz_t%3D1709172879479%26_biz_i%3DWINELOADER%2520Analysis%2520%257C%2520ThreatLabz%26_biz_n%3D0%26rnd%3D942950%22%2C%22u%3FmapType%3Dmkto%26mapValue%3Did%253A306-ZEJ-256%2526token%253A_mch-zscaler.com-1709172879412-99607%26_biz_u%3De7be742804c24abbf34ca381e853e767%26_biz_l%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblogs%252Fsecurity-research%252Feuropean-diplomats-targeted-spikedwine-wineloader%26_biz_t%3D1709172879481%26_biz_i%3DWINELOADER%2520Analysis%2520%257C%2520ThreatLabz%26_biz_n%3D1%26rnd%3D332535%22%5D
.zscaler.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%7D
.zscaler.com/ Name: _fcdscst
Value: MTcwOTE3Mjg3OTQ4Mw==
.zscaler.com/ Name: _ce.clock_event
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkbZcTpwHC8tNeijWcGCfwNUXXWWqSFATNTyBwIIfJgw5-0EwjfpO60qVfF
.zscaler.com/ Name: _uetvid
Value: 4ab329e0d6a811eea359c5bd5af8a126|1kevcad|1709172879648|1|1|bat.bing.com/p/insights/c/w
.linkedin.com/ Name: UserMatchHistory
Value: AQJPRK26DNjuwwAAAY3ypHDI4pxVd2G8zUtd0ZepxKbLoqufGePLzFz4vhCFhCqS1xwlADlmVW8ofA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKiSa2fqZvEPAAAAY3ypHDIgjjMbHQT_UR00OzVFFzvf5tadYeo3jxTh1A3MhWkEtdpp_KpjI_HyUJGD5ctow
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
www.zscaler.com/ Name: _an_uid
Value: 0
www.zscaler.com/ Name: _gd_visitor
Value: f6d90b3d-f23a-4e54-8cb8-b686de08d139
www.zscaler.com/ Name: _gd_session
Value: 54ba9e30-4602-4b74-8854-bb2ae6f2deb3
.zscaler.com/ Name: _ce.clock_data
Value: 36%2C80.255.7.102%2C1%2Cd23861f90f98ef1cbb909ba4da09afb4
.zscaler.com/ Name: _CEFT
Value: Q%3D%3D%3D
.zscaler.com/ Name: cebsp_
Value: 1
.zscaler.com/ Name: _ce.s
Value: v~07154c8477f3ee87fd5d8a6d243d3c454bcc110c~lcw~1709172879752~lva~1709172879363~vpv~0~v11.cs~366477~v11.s~4b141080-d6a8-11ee-96f1-e3f7083a227e~lcw~1709172879753
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024022902143928fdd303-417b-4860-89f5-5fc6d55c5f9dAQE0ev5iSAt5sDGzvNDv9fom_UW_xzHu"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDkxNzI4Nzk7MjswMjEcs1ZUtQExnzXI+oRVUvZ8IsESg/XHhL8+2/xCK00sGA==
.6sc.co/ Name: 6suuid
Value: dba0d517153701008fe8df659e030000f90d4600
.zscaler.com/ Name: _ga_10SPJ4YJL9
Value: GS1.1.1709172879.1.0.1709172879.60.0.0
.zscaler.com/ Name: _fcdscv
Value: eyJDdXN0b21lcklkIjoiNzMxYzMxNmEtYzQ2ZS00YTk0LTgxYTktN2NmYzBlYTBkNTNlIiwiVmlzaXRvciI6eyJFbWFpbCI6bnVsbCwiRXh0ZXJuYWxWaXNpdG9ySWQiOiI0NDhmYWI4Ny0xM2UwLTRkMTEtOTVmOC1lYzIwMTBjZjZhMjgifSwiVmlzaXRzIjpbXSwiQWN0aXZpdGllcyI6W10sIkRpYWdub3N0aWNNZXNzYWdlIjpudWxsfQ==
.www.zscaler.com/ Name: _zitok
Value: 08e49e0abfc01f01f5d31709172880
.zoominfo.com/ Name: __cf_bm
Value: pJ5Mit7T.rmmWX_kfaK55_obUiw11MFeBDS9pohcY4U-1709172880-1.0-ATYGNeV/I80IIWKjkQch0I6Wrw5fpIyuNxVKuvIekk12krJYYVMtdxX/ug5TquwAjOrtksFMwEK0kZyr80jvGE8=
.zoominfo.com/ Name: _cfuvid
Value: 9lsxNM.lvlb7Htm3fCCiYvSIgm9mMdMj4JteRJ_HJig-1709172880942-0.0-604800000
.mountain.com/ Name: guid
Value: 4c966bbb-d6a8-11ee-9ed3-e9d7436a7b22
.px.mountain.com/ Name: tt
Value: "H4sIAAAAAAAAAKtW8guKNzYyNrKMN7IwtlCyMtBBEjG3NAaLICswNDewNDQ3srAwNjc101EqU7IyqgUAv1m9W0YAAAA="
.mountain.com/ Name: rt
Value: "MzIzMjk6MTcwOTE3Mjg4Mw=="

74 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK(Line 729)
Message:
Refused to load the script 'https://tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/tags.js' because it violates the following Content Security Policy directive: "script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1778897272132032?v=2.9.147&r=stable&domain=www.zscaler.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cb=83863846588762320term=value
Message:
Refused to connect to 'https://52.22.50.55/is' because it violates the following Content Security Policy directive: "connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com".
javascript error URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Feuropean-diplomats-targeted-spikedwine-wineloader&cb=83863846588762320term=value
Message:
Refused to connect to 'https://52.22.50.55/is' because it violates the document's Content Security Policy.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://t.sf14g.com/sf14g.js
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; img-src 'self' fast.wistia.com https: data: blob: *.hushly.com; script-src 'self' https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net *.mountain.com trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com *.hushly.com https://js.zi-scripts.com https://ws-assets.zoominfo.com; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com *.hushly.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com *.hushly.com; connect-src 'self' blob: https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ *.hushly.com https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

306-zej-256.mktoresp.com
acsbapp.com
assets-tracking.crazyegg.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.acsbapp.com
cdn.bizible.com
cdn.cookielaw.org
cdn.pdst.fm
connect.facebook.net
d.adroll.com
d2i34c80a0ftze.cloudfront.net
dx.mountain.com
epsilon.6sense.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gs.mountain.com
ibc-flow.techtarget.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.zi-scripts.com
munchkin.marketo.net
netlify-rum.netlify.app
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
script.crazyegg.com
secure.adnxs.com
snap.licdn.com
st.fullcircleinsights.com
stats.g.doubleclick.net
t.sf14g.com
tag.clearbitscripts.com
tracking.crazyegg.com
trk.techtarget.com
us-central1-adaptive-growth.cloudfunctions.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.zscaler.com
b.6sc.co
insight.adsrvr.org
tag.clearbitscripts.com
108.138.15.119
108.138.36.91
13.107.42.14
13.35.58.27
152.195.15.58
172.64.150.44
18.192.208.225
18.66.122.45
185.89.210.46
192.28.144.124
2001:4860:4802:34::178
2001:4860:4802:34::36
2001:4860:4802:36::36
23.210.118.178
23.213.161.219
2600:9000:20c3:4a00:6:9280:1080:93a1
2600:9000:237d:7800:9:14eb:6280:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2606:4700:4400::6812:2089
2606:4700:4400::ac40:973c
2606:4700::6810:880f
2606:4700::6810:890f
2606:4700::6812:1c4a
2606:4700::6812:83ec
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9c
2a02:26f0:480:23::1726:62a7
2a02:26f0:480:f::213:7edd
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d014:58f:6200::64
2a05:d018:cc3:fe05:9001:9e85:f878:f35e
34.111.208.231
34.199.184.178
34.210.219.79
34.212.4.35
34.238.149.65
34.248.100.15
35.244.142.80
02cf967312da416498f662d891dd432426488424f6334da0eb277059ecd2f59b
0304ffa7c87378f9e91eea78f43f05abb2165d2377d35fb9bb0fcd53dfdb2472
033e89762c7a86eab5dff91e727e710cb6ec0b1f0b9956c5c3e512c45be8335c
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
1089d247d1abd46a3fe8e06d995be9df10fac4c24d325df629b484268e2d093f
109d7aa9c6f32a78c877db04e17d6b78c89dd5c539dc01bae82840b2ebd43bca
151427a4b23e94bcada8f3e09acb485a27c29636fb6cb80be635590729d54fda
162771f9c367624c90b235b5ee4786acce13f51b10491b69571979396c94b656
1abc2ce8b96eba7e9b08285bb05d18cfae8f6e89aae9abb586964e7e10c3c2d1
1ca4d7bd727f9c0d0dc1d01c0b08b630632340659b4899c71344dd4d27faffa8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22147435acc9ecc41bb846cafae52d28f46ee418ff8c84280c627c843d7b3c92
257ef1b7dd06f88a465e5badb58c57b62cf678d7618ecc2929aa3b428e848122
258ac87e304908a79116737170a587d0ea6cb91c9fa2e10389e0c52b3a30f2b0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e01c258e35b50211a4515b1c38c8724a643fdcc91609e484a2a4696680851e
26ccef7de6e2531d69dc022399a438b3fdc284eb9354118801c80bc33dc79601
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3198ab953223ce749659ef7de50c0005053ce98706f7dca9684df17ecbcbb30c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32820040e057f042c37e36e658a3fd3504319bba0e82ae2617f6e4c4f489f8f1
3505d9c53423b2c2b85fa4fd199a6d5aa93246f0fd7d7e16ab3b63515842391e
3dbe0a02ce3100e00f27c08158c477693c0d031094e9866ebc94c8342e488fb3
40a722d81e375022831716b3a9b4c41fa917a0290c3643399a5966c5162c138f
40b722810ad3b4c88ec06524fd76f5527ccf1a18fe74b711998fbdbca59900ab
413d0b57de62b151d631e5c63ca0b52a447578209f5bd960ce99471228f34a04
41635e062e487b56a91beaa760d53e414ddc1a334f0bb77936e9af413aa32077
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
453d1d7e123dbb1eb52bd8bcea12a17ed52a2362bf5b6a7fa629ba720a0e6f41
4b005617f68b2930e6826be91e73e61d454ebb9652aae03beeafe155fd206bca
50970779ad17a87bb8b369bc2a10e5d1ee0f842840da83cb66b8879cc949162b
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5453c10ba79ea5cd2df54b880fb6c07ed470304db1680ec57d03553043898dce
5506d7c716e804260e467cb9d630bed25eaaa21c6ad8fc0f7c57f70505700a53
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56825a18609edf018f2aa9171e46577bf1f567a1bd53da6042d2d2525c2a010f
5a67063017039d29c7ce0b227538df8a83192275dbf04cdb5c509cfd6da6eebb
5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6
5b1913d4abf823d48d7baea4ef9dfa47b932188db3e19c4563e07e298de8a60d
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
619961cc5419607d2024e330d6c57c6574bf7610260fb43362fbbcc800854d5e
62fc8cea9950242002f5f14e55109e33e44aa116ca5d714aa074471f72949d9c
63be610a259d87102209ef2be3cc3fb1d2914d6e6ab9c4b5eb31627dba2a8433
6487817342cc7311d0f8603168a7edba803aa7de8813673eb155e8ea8b77b32c
651e0a935201856c4b3e39ba28ae07c50a51b683a0004078334643d8762b1995
6635c7a8c9340a594fe3030b37828f0bcc792414b520f48f3e8b566e78e8239e
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6d50d10b778307c65cec723f2ec7beea25c203abcf1ef1580f9963cfee2185e0
6d6f036e4cac10754c2aa5efd616639a721423b7adaee3018c4157dee39c75d0
6dd392c466cd921d7bc4ee56ec561bd197bf42953b447e2bc10e5167b8376e0d
72a191e37e73098712a6e4788bb7c4c8826b52d393ba0bb1d1a87bf5dca38813
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
79e4c7ae4935ffccf99e5f7e878bd26041f9b26e242371fa2b9a0d25e828010a
7b2a1e7ec66641ad958a36774552cc40712f052e2db6542cacc01fd2dbcde58c
7d7420dc00f6c2095845ed3099c8c38269d37ed054a8570135082f433b717ad7
7d8c9451e6f1ca00266cb0033ca75a112276883ce38858573c7a8ae60e9a6e0c
7e1b62ebdc0c45ecba861f2fb9a04dbc120ac946fd065cb22a4d2d1d09e3e3c9
7f9048d354cf3df15668565450eea5de2a267cd95ec928a81bdc0269fb611baf
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8600af66416653c8348551876f1466872949730c3d8c7925f392ac6824cb0aab
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fde8fd7b0ad034128435bc21892e617683afdfb5cd4fef39c0bd6ff7d53723
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
8d5faabfef8a098483b94198ce9e3eb18f4384e9d4bc9c1942bc6708d91afcc2
8dac41e5769205cdde828650006d0097810ab4f98718faca4eb7d08f1cdcf132
8e80729e7e89eb99fe169fe468749fb8193834b18bbfdc3059feb48e12bebb92
92531e43dbc7ec7e14bb2702e6f04d805c3ee02de151d4bb04b45e72ff318283
92c64e0ba29d4d830846c7b09afe191979744041038980b7673f502d717d6d1b
9a0d5f53562170f7c12e461461664118c6c5e6f77a2dec0e5cfae560f6f32efe
a0ae602e4b19bb4491ccba1bab200ae243fa876b70cefdd8894ae0111a788306
a44b250a3df5c6288d88e99a129be57792edf4ebc9307e1f027d87a88ae35fa5
a55c459608c0f87ff70bfb1ae80991522791451e05f64f61e1ed1cde14187d32
aa2b8282a1438a0e53971aa29a5c54f2911a3cb79b44cc20f8521ead150c458f
ab49bd3ceb497408c6dee3eb05420ef981d2e7570ac0318bb393c15727ef92d9
ac0ee85e70983eefc35eb7d35b815b65fdcc5cdc044eef5c048dce7c726e9526
af151592386fa0fbeb1de70e7cfad51720dc99626d92070cc40ba74fdbc1e85a
b14edb63144690e6c4ecec619bacb9293014169b6b177be4df6f5aae84fdbc53
b1dc93607551d2a0a07f0dd787c80bedd38337ce2769efb52d5975226db259e2
b3d3902f1f14b183805345377b81268ea40eae93eaa9cfe5eab2b5bef5533c59
b83a8509ec6a8a171e6e747ac33e72f1cac0f02069c4351866f6f3a40dee75ea
b92441ba350b4367e04e321b08f791f7dfb9ea229c3dd3ff0e91d89abe7e3f2f
beac035e4d7e7ca8063a81be0994cfc994d5f1c7539091659834203e076476ac
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01
bff1b16ebe5d1a63a88b474f3173e88dc249a541f539f0efb8b6a2413ea84605
c12d636cb5268c2f7f86c34ec5b1af2826a685eae5e503aece3c477fdd97a971
c24bb023f08599741208ac6c44edde2506c38f6e18e4792ad7b1ed5bbc866fe5
c70e82fbfc90d2818cc31f0e927691e6ab206d5f81e3ef579be3ad33bf6a3f4a
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc25f2f1b34b8a8f05f370af8e86cd64f1869c5f7e27913469a752da5fc55235
ce4e274c5793e7cd62cb67e2630278ef4a470b4baa35cb3b42e145717faed336
d0bf5bb58732f1aa0ec184c498b1d59a4181c51cef07a573f15890668de6799d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98
d70f266b21272f120181280a40896019db9d0e7193f5852f9111a1fbb82f59b7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec888202913f9630b63196880ea2e96210c59df2905e55154fe88432c1b0e3d
decf18e6ed4b163a7a0ef6ddecbafcfb300be5f0cd98140960efc65adb115c59
dfbd8d7a089d17409d244b68361d28f48afd0eceb7ef00f965afeba00468c780
e20594a73ecbdcb15e351a97aaed3f415fd3872c916d10a452bcb23b6329a06f
e2e05217cb6c08c8ac8fccd62fe7541004252cb0fd5fe47716ea55bc7aa555f5
e3078f501977e2185b646c2f5a7d017a8b562bdbd5b28df7640bd52cba8f377d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45934e263c7a4e155b0b92f540b048288c1f866ba40a69f98fb97da43c0912a
e57a87fafbf39eaa66eaaf03fb793f8e7022008d7d736c48059d812d4d533179
e6a1e90281fb5f6bd8c4df8697f16fdd66b968afe67e22f20130b2a212910ddb
e8ecffd45e2109c9c4e158a198caa44a299e65db55b376cc70f0c97165c0eb1f
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ec09e6ea3a9912c8e7c4640d0907355978c3fc6383eccedfbab424efbd863ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f4ab0a26662426d1b923b7a4efde23bd97b936efd67c3bcd569c2176358b327d
f4bdfcb700a1d9a605254ced84d72baac8bb485222734489c34a2e8bb5c6e848
fae094ea99d2b7bfecbdcb091c4d4c6c3bf470864951f7b42a11357ec7805d46
fbb2df2831ea2234d9a6db640b566056945c3025380ddb99653c9546f6fca8e4
fc627f4b1e5dacb3ee886d29ba63681f0d2b79f21bd300e2e2ed7da9ef0b0f7f
fc8c8f5340dc34290a19d0068536f04e17fb8e3faaf46cb3335a10fd7a475d24
fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c
fd4443e489a08e406ae97470c8ddeeb5c0dd4fefd7cdf540d4150141c14600fc
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe7b5b615587cd11b52f2a6edc1b8a2eb60aabacaf06b6a656a938e4cfaf68e8