www.zscaler.com Open in urlscan Pro
104.18.29.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Submission: On May 06 via api (May 6th 2024, 4:12:48 am UTC) from IL — Scanned from IL

Summary HTTP 199 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 60 IPs in 7 countries across 45 domains to perform 199 HTTP transactions. The main IP is 104.18.29.74, located in and belongs to CLOUDFLARENET, US. The main domain is www.zscaler.com. The Cisco Umbrella rank of the primary domain is 71602.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 28th 2024. Valid for: a year.

This is the only time www.zscaler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	104.18.29.74 104.18.29.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
9	104.19.178.52 104.19.178.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.18.221.207 52.18.221.207	16509 (AMAZON-02) (AMAZON-02)
2	52.49.52.83 52.49.52.83	16509 (AMAZON-02) (AMAZON-02)
1	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.200.185.84 54.200.185.84	16509 (AMAZON-02) (AMAZON-02)
4	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
6	104.19.147.8 104.19.147.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.96.137.199 104.96.137.199	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2.18.66.162 2.18.66.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.173.154.10 18.173.154.10	16509 (AMAZON-02) (AMAZON-02)
1 6	18.173.187.81 18.173.187.81	16509 (AMAZON-02) (AMAZON-02)
1	2.18.66.8 2.18.66.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	104.18.36.196 104.18.36.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.36.16 108.138.36.16	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1	44.209.137.118 44.209.137.118	14618 (AMAZON-AES) (AMAZON-AES)
8	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	74.125.71.157 74.125.71.157	15169 (GOOGLE) (GOOGLE)
3	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
13 15	52.31.17.50 52.31.17.50	16509 (AMAZON-02) (AMAZON-02)
4	54.230.228.63 54.230.228.63	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
7	50.16.211.97 50.16.211.97	14618 (AMAZON-AES) (AMAZON-AES)
1 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.66.72 2.18.66.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.230.228.9 54.230.228.9	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.29 54.230.228.29	16509 (AMAZON-02) (AMAZON-02)
2	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
1	44.212.189.233 44.212.189.233	14618 (AMAZON-AES) (AMAZON-AES)
1	54.195.89.156 54.195.89.156	16509 (AMAZON-02) (AMAZON-02)
1 2	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
5	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.85.106.161 35.85.106.161	16509 (AMAZON-02) (AMAZON-02)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
1	104.22.1.204 104.22.1.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.11.155 172.67.11.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
199	60

52 104.18.29.74 (None, )

ASN13335 (CLOUDFLARENET, US)

www.zscaler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.221.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-221-207.eu-west-1.compute.amazonaws.com

117186981.intellimizeio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.52.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-52-83.eu-west-1.compute.amazonaws.com

api.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.137 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.zscaler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.200.185.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-185-84.us-west-2.compute.amazonaws.com

log.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.137.199 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-137-199.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.18.66.162 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-66-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-10.muc50.r.cloudfront.net

ob.iseaskies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.173.187.81 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-81.muc50.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.66.8 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-66-8.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.196 (None, )

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-16.muc50.r.cloudfront.net

d2i34c80a0ftze.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8541430.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.31.17.50 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-17-50.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.230.228.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-63.muc50.r.cloudfront.net

st.fullcircleinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.16.211.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-211-97.compute-1.amazonaws.com

obs.iseaskies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.66.72 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-66-72.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-9.muc50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-29.muc50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.189.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-189-233.compute-1.amazonaws.com

44.212.189.233	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.89.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-89-156.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.149.91 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.85.106.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-106-161.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.1.204 (None, )

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.11.155 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	zscaler.com www.zscaler.com — Cisco Umbrella Rank: 71602 info.zscaler.com — Cisco Umbrella Rank: 489804	985 KB
21	adroll.com 14 redirects s.adroll.com — Cisco Umbrella Rank: 3361 d.adroll.com — Cisco Umbrella Rank: 1556	47 KB
18	6sc.co j.6sc.co — Cisco Umbrella Rank: 5787 c.6sc.co — Cisco Umbrella Rank: 8716 ipv6.6sc.co — Cisco Umbrella Rank: 5928 b.6sc.co — Cisco Umbrella Rank: 3876	23 KB
10	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	720 B
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2400 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7454 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7566 tracking.crazyegg.com — Cisco Umbrella Rank: 4579	80 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	184 KB
8	iseaskies.com ob.iseaskies.com — Cisco Umbrella Rank: 606406 obs.iseaskies.com — Cisco Umbrella Rank: 459782	39 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 8541430.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 272	3 KB
6	intellimize.co cdn.intellimize.co — Cisco Umbrella Rank: 54477 api.intellimize.co — Cisco Umbrella Rank: 42062 log.intellimize.co — Cisco Umbrella Rank: 40377	88 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4715 ws-assets.zoominfo.com — Cisco Umbrella Rank: 11817	30 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619	3 KB
4	fullcircleinsights.com st.fullcircleinsights.com — Cisco Umbrella Rank: 103360	4 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5337 px.mountain.com — Cisco Umbrella Rank: 5486 gs.mountain.com — Cisco Umbrella Rank: 11376	11 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	379 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 482 ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
3	google.co.il www.google.co.il — Cisco Umbrella Rank: 28483	626 B
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 6903	4 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 26104 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23444	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	76 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3932 cdn.acsbapp.com — Cisco Umbrella Rank: 4124	93 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 413	983 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 435	561 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 527	524 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 456	833 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 368	1 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9185	718 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	390 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3535	123 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 345	15 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1380	365 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 964	542 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 918	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 404	977 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 767	581 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	2 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1370 insight.adsrvr.org Failed	4 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3462	6 KB
1	cloudfront.net d2i34c80a0ftze.cloudfront.net	11 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	316 B
1	intellimizeio.com 117186981.intellimizeio.com — Cisco Umbrella Rank: 657642
0	clarity.ms Failed www.clarity.ms Failed
0	clearbitscripts.com Failed tag.clearbitscripts.com Failed
199	45

	Domain	Requested by
52	www.zscaler.com	www.zscaler.com
15	d.adroll.com	13 redirects s.adroll.com
14	b.6sc.co
9	cdn.cookielaw.org	www.zscaler.com cdn.cookielaw.org
8	analytics.google.com	www.googletagmanager.com
7	obs.iseaskies.com	ob.iseaskies.com
7	info.zscaler.com	www.zscaler.com info.zscaler.com
6	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com d.adroll.com
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	st.fullcircleinsights.com	d2i34c80a0ftze.cloudfront.net
4	px.ads.linkedin.com	2 redirects snap.licdn.com
4	www.googletagmanager.com	www.zscaler.com www.googletagmanager.com
3	www.google.co.il
3	js.zi-scripts.com	www.zscaler.com js.zi-scripts.com
3	connect.facebook.net	www.zscaler.com connect.facebook.net
3	log.intellimize.co	cdn.intellimize.co
2	px.mountain.com	dx.mountain.com www.zscaler.com
2	ib.adnxs.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	us-u.openx.net	1 redirects
2	idsync.rlcdn.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	x.bidswitch.net	1 redirects
2	epsilon.6sense.com	j.6sc.co
2	www.google.com	1 redirects
2	www.facebook.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	ibc-flow.techtarget.com	trk.techtarget.com
2	8541430.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	api.intellimize.co	cdn.intellimize.co
1	cdn.acsbapp.com	acsbapp.com
1	acsbapp.com	www.zscaler.com
1	gs.mountain.com	www.zscaler.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	sync.taboola.com
1	image2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	pippio.com
1	cm.g.doubleclick.net	1 redirects
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	www.linkedin.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	dx.mountain.com	www.zscaler.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.pdst.fm	www.zscaler.com
1	d2i34c80a0ftze.cloudfront.net	www.googletagmanager.com
1	trk.techtarget.com	www.zscaler.com
1	snap.licdn.com	www.googletagmanager.com
1	ob.iseaskies.com	www.googletagmanager.com
1	munchkin.marketo.net	www.zscaler.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	117186981.intellimizeio.com	cdn.intellimize.co
1	cdn.intellimize.co	www.zscaler.com
0	insight.adsrvr.org Failed	js.adsrvr.org
0	www.clarity.ms Failed	bat.bing.com
0	tag.clearbitscripts.com Failed	www.googletagmanager.com
199	68

This site contains links to these domains. Also see Links.

Domain
accessibe.com
help.zscaler.com
admin.zscaler.net
admin.zscalerone.net
admin.zscalertwo.net
admin.zscalerthree.net
admin.zscalerbeta.net
admin.zscloud.net
admin.private.zscaler.com
reg.zenithlive.com
securitypreview.zscaler.com
customer.zscaler.com
community.zscaler.com
ir.zscaler.com
www.facebook.com
twitter.com
www.linkedin.com
threatlibrary.zscaler.com
facebook.com
linkedin.com
youtube.com

Subject Issuer	Validity	Valid
www.zscaler.com DigiCert SHA2 Extended Validation Server CA	`2024-02-28` - `2025-02-23`	a year	crt.sh
cdn.intellimize.co R3	`2024-03-15` - `2024-06-13`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.intellimizeio.com Amazon RSA 2048 M03	`2023-10-25` - `2024-11-22`	a year	crt.sh
api.intellimize.co Amazon RSA 2048 M02	`2023-10-25` - `2024-11-22`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
info.zscaler.com Cloudflare Inc ECC CA-3	`2023-10-08` - `2024-10-07`	a year	crt.sh
log.intellimize.co Amazon RSA 2048 M03	`2023-10-24` - `2024-11-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
script.crazyegg.com E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.iseaskies.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-16`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-13` - `2024-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.co.il GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-03-10` - `2024-06-08`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
aws-st.fullcircleinsights.com Amazon RSA 2048 M01	`2023-05-30` - `2024-06-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
44.212.189.233 Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-02-15`	a year	crt.sh
zoominfo.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
acsbapp.com GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Frame ID: 73B925B2725D08C11780BD81A5C3D5F5
Requests: 186 HTTP requests in this frame

Frame: https://117186981.intellimizeio.com/storage.html
Frame ID: 9190CA8A7EDFF9B47231C841BCFF1BF3
Requests: 1 HTTP requests in this frame

Frame: https://info.zscaler.com/index.php/form/XDFrame
Frame ID: E4308B4C29C203D6A6D57C69AA330073
Requests: 2 HTTP requests in this frame

Frame: https://8541430.fls.doubleclick.net/activityi;dc_pre=COXqmLuU-IUDFUckBgAdLjECgA;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4510z871607006za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks
Frame ID: 6F10EA59D76D17472DBAF48C4F96887D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&upid=27hmsyx&upv=1.1.0
Frame ID: 35B05B434A0A5E9BEED3F55B68D1F45F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

199
Requests

87 %
HTTPS

0 %
IPv6

45
Domains

68
Subdomains

60
IPs

7
Countries

2103 kB
Transfer

6674 kB
Size

73
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://help.zscaler.com/phone-support
Title: Support

Search URL Search Domain Scan URL

URL: https://admin.zscaler.net/
Title: Zscaler Cloud Portal | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalerone.net/
Title: Zscaler Cloud Portal One | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalertwo.net/
Title: Zscaler Cloud Portal Two | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalerthree.net/
Title: Zscaler Cloud Portal Three | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscalerbeta.net/
Title: Zscaler Cloud Portal Beta | Admin

Search URL Search Domain Scan URL

URL: https://admin.zscloud.net/
Title: admin.zscloud.net

Search URL Search Domain Scan URL

URL: https://admin.private.zscaler.com/
Title: Zscaler Private Access Sign-In

Search URL Search Domain Scan URL

URL: https://help.zscaler.com/client-connector/downloading-zscaler-client-connector
Title: Download Zscaler Client Connector

Search URL Search Domain Scan URL

URL: https://reg.zenithlive.com/flow/zscaler/zenithlive23/home/page/event
Title: Zenith Live

Search URL Search Domain Scan URL

URL: http://securitypreview.zscaler.com/
Title: Security Preview

Search URL Search Domain Scan URL

URL: https://customer.zscaler.com/
Title: Customer Success Center

Search URL Search Domain Scan URL

URL: https://community.zscaler.com/
Title: Zenith Community

Search URL Search Domain Scan URL

URL: https://help.zscaler.com/
Title: Zscaler Help Portal

Search URL Search Domain Scan URL

URL: https://ir.zscaler.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://tinyurl.com/2audscnk

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://tinyurl.com/2audscnk%20%E2%80%94%20Zloader%20Learns%20Old%20Tricks%22

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://tinyurl.com/2audscnk

Search URL Search Domain Scan URL

URL: https://threatlibrary.zscaler.com/threats/685e24cf-046e-412f-96cd-6031f9e7fcde
Title: Win64.Downloader.Zloader

Search URL Search Domain Scan URL

URL: https://facebook.com/zscaler
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/zscaler
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/zscaler
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://youtube.com/user/ZscalerMarketing
Title: Subscribe our Youtube Channel

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://8541430.fls.doubleclick.net/activityi;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4510z871607006za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks HTTP 302
https://8541430.fls.doubleclick.net/activityi;dc_pre=COXqmLuU-IUDFUckBgAdLjECgA;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4510z871607006za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks

Request Chain 111

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1714968753986%26url%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblogs%252Fsecurity-research%252Fzloader-learns-old-tricks%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookiesTest=true&liSync=true

Request Chain 114

https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 126

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&label=(not%20set)&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&value=0&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=QA&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAgiYwbEC&eitems=ChAI8NzcsQYQqr6joavG_89hEh0A8oe38K5MxKhp_vxn0tp7Kk-tA-O8bfdnpRdBDQ&pscrd=IhMI8cGPu5T4hQMVe_QRCB0q7wcHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vd3d3LnpzY2FsZXIuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&label=(not%20set)&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&value=0&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=QA&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAgiYwbEC&pscrd=IhMI8cGPu5T4hQMVe_QRCB0q7wcHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vd3d3LnpzY2FsZXIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqE5TMGfzBJSudTrK1ooLb1DUNF22Hcg&eitems=ChAI8NzcsQYQqr6joavG_89hEh0A8oe38LrbQo5pnFKYDPFs4neTDLK-C0Fhy27S8g&random=4144091951 HTTP 302
https://www.google.co.il/pagead/1p-conversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&label=(not%20set)&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&value=0&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=QA&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAgiYwbEC&pscrd=IhMI8cGPu5T4hQMVe_QRCB0q7wcHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vd3d3LnpzY2FsZXIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqE5TMGfzBJSudTrK1ooLb1DUNF22Hcg&eitems=ChAI8NzcsQYQqr6joavG_89hEh0A8oe38LrbQo5pnFKYDPFs4neTDLK-C0Fhy27S8g&random=4144091951&ipr=y

Request Chain 142

https://d.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookie=&adroll_s_ref=&keyw=&p0=2418 HTTP 302
https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js

Request Chain 147

https://d.adroll.com/cm/b/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

Request Chain 148

https://d.adroll.com/cm/g/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=9soj_cQrvaGtm72SoN4Eow HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 149

https://d.adroll.com/cm/index/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expiration=1746504754 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expiration=1746504754&C=1

Request Chain 150

https://d.adroll.com/cm/l/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=f6ca23fdc42bbda1ad9bbd92a0de04a3 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTMQABoNCLOx4bEGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=ec36aabf990eb8972315ebf525a82957ecac0e70e628345740adb5063e088373791426b5417dce21&_=2

Request Chain 151

https://d.adroll.com/cm/n/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expires=365

Request Chain 152

https://d.adroll.com/cm/o/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=f6ca23fdc42bbda1ad9bbd92a0de04a3&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f6ca23fdc42bbda1ad9bbd92a0de04a3&gdpr=0&gdpr_consent=

Request Chain 153

https://d.adroll.com/cm/outbrain/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 154

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 155

https://d.adroll.com/cm/r/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 156

https://d.adroll.com/cm/taboola/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

Request Chain 157

https://d.adroll.com/cm/triplelift/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 158

https://d.adroll.com/cm/x/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

199 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zloader-learns-old-tricks Show response
www.zscaler.com/blogs/security-research/ 336 KB
64 KB 796ms
650ms Document
text/html 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

3d7cd6cff2acf1bb33a086e1864d19bcac99441610caf1e0b31eb11bd4a7bf19

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 5
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=stale
cf-cache-status: DYNAMIC
cf-ray: 87f621e56cf2e3ed-TLV
content-encoding: br
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:12:31 GMT
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN https://cms.zscaler.com
x-middleware-next: 1
x-nextjs-cache: REVALIDATED
x-nf-render-mode: odb ttl=300
x-nf-request-id: 01HX61MV4M17AN3MAMRHD6XE17
x-powered-by: Next.js
x-xss-protection: 1; mode=block

GET
H2 200 117186981.js Show response
cdn.intellimize.co/snippet/ 364 KB
86 KB 386ms
182ms Script
application/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intellimize.co/snippet/117186981.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b723465c9d3d9a5e67309ad2cdad6f0b586ee3f53f3ff7b20e008dfbe7cc8584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-mrs10559-MRS
date: Mon, 06 May 2024 04:12:31 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-timer: S1714968752.825534,VS0,VE88
etag: "0b590699aad782cfdf6803a75f5effb79--gzip"
vary: Intellimize-Namespace, Intellimize-StatusModule, Accept-Encoding
x-cache: HIT
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
content-length: 87916
x-cache-hits: 0

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/ 170 KB
27 KB 216ms
86ms Script
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/OtAutoBlock.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7e36f3f88692d69244aa905916aabc0e00bcc987bbc4cef85324e8c3733266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27184
content-md5: xD1AeAP0mkjc7DsdK25Fqg==
content-length: 27724
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 06:34:16 GMT
server: cloudflare
etag: 0x8DC53A8159D511F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f68c528c-b01e-0067-1d91-85297f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621ea5b6ce3db-TLV
expires: Tue, 07 May 2024 04:12:31 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 188ms
76ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cfMMgqnnnYda745QhUdJrw==
age: 32965
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 02 May 2024 18:04:40 GMT
server: cloudflare
etag: 0x8DC6AD2569D1DB7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 81aa8688-601e-0010-3e74-9d778f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621ea5b70e3db-TLV

GET
H2 200 image
www.zscaler.com/_next/ 20 KB
20 KB 453ms
450ms Image
image/webp 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fzloader_cover_image.jpeg&w=3840&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

693d540c3804dd037b7d65e94edc1041e651315843aea34021739e3674baa57b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN cms.zscaler.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTBZSBNN8ETXCFGJN71
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 71416
content-length: 20230
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: 38-A4irctmMlIRK++16NzBkO8kMDg4
vary: Accept-Encoding
x-frame-options: SAMEORIGIN cms.zscaler.com
content-type: image/webp
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621e9ee39e3ed-TLV

GET
H2 200 219e54771de95554-s.p.woff2
www.zscaler.com/_next/static/media/ 37 KB
40 KB 443ms
439ms Font
font/woff2 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/219e54771de95554-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fde8fd7b0ad034128435bc21892e617683afdfb5cd4fef39c0bd6ff7d53723

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Origin: https://www.zscaler.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVRMK4ZEFBR4C5G3NT32
date: Mon, 06 May 2024 04:12:31 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-length: 37876
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "32414936518a58fc2fa750a6c33aeee2-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 87f621e98d9fe3ed-TLV

GET
H2 200 86085b213eb89904-s.p.woff2
www.zscaler.com/_next/static/media/ 39 KB
43 KB 480ms
476ms Font
font/woff2 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/86085b213eb89904-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

258ac87e304908a79116737170a587d0ea6cb91c9fa2e10389e0c52b3a30f2b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Origin: https://www.zscaler.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVST0W1Q62SFE09XY9Y9
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 214904
content-length: 40264
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "9831ea9dc3e6fd42fd98e3e009ca94da-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 87f621e98da1e3ed-TLV

GET
H2 200 9cdafb0650413334-s.p.woff2
www.zscaler.com/_next/static/media/ 39 KB
42 KB 467ms
464ms Font
font/woff2 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/9cdafb0650413334-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beac035e4d7e7ca8063a81be0994cfc994d5f1c7539091659834203e076476ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Origin: https://www.zscaler.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVRJZWG8D6XYSNKSG4F4
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-length: 40336
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "c17f2169b16c317daa0cef83f039ecb7-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 87f621e98da4e3ed-TLV

GET
H2 200 4012cc4b67ad157d-s.p.woff2
www.zscaler.com/_next/static/media/ 9 KB
12 KB 490ms
487ms Font
font/woff2 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/4012cc4b67ad157d-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae9ce01eeaeb30d4044b4b309035579a53b0e534e28cbb8828f5b4f648514c10

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Origin: https://www.zscaler.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVSSMK0YNE9DT7KYNAN7
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215269
content-length: 9592
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "2cf954b8ab6192e56c5518a19ebe136e-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 87f621e98da6e3ed-TLV

GET
H2 200 edb9f1eb1c1a7ead-s.p.woff2
www.zscaler.com/_next/static/media/ 9 KB
12 KB 448ms
445ms Font
font/woff2 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/media/edb9f1eb1c1a7ead-s.p.woff2

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd93b89faa1f4642b0a4a84a36bccf5174c8af4a024d9291ed1e0300db58bcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Origin: https://www.zscaler.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVRF5TJYNN687CMWWV6R
date: Mon, 06 May 2024 04:12:31 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-length: 8780
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "660f2cc4324f79a29d530cd6ace8d75c-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 87f621e98da8e3ed-TLV

GET
H2 200 dffe781f02672d0e.css
www.zscaler.com/_next/static/css/ 72 KB
19 KB 456ms
453ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/dffe781f02672d0e.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec0e833a52ecbcba05d2e40baea4641cb41a643722c788e4fb106069388c6b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVRJJ1HE7R20DNF7RX8C
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"641d2fd6a3c055ce8cd165ab8a954bfa-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e98d98e3ed-TLV

GET
H2 200 8749297bf1313406.css
www.zscaler.com/_next/static/css/ 97 KB
14 KB 405ms
402ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/8749297bf1313406.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59c47eb140647df6f4553a451fc7073b34921b1f209e518a90185a66ae1d179

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVRKH5HMMH4Y6EPBX9MK
date: Mon, 06 May 2024 04:12:31 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"2de548133584a9eb0b3e65a26d59805d-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e98d9be3ed-TLV

GET
H2 200 65b2cfa02816a9e9.css
www.zscaler.com/_next/static/css/ 76 KB
13 KB 413ms
410ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/65b2cfa02816a9e9.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47e7fcf5a32612fac2149d801a0c4418e1ff747414ee7300a4d4a3c9a9ac179

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVRYCXQB25KT2R3ZNH4Z
date: Mon, 06 May 2024 04:12:31 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216136
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5d8b8a61e8e733091a5a29348bc1b4a6-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e98daae3ed-TLV

GET
H2 200 60ab7ffa9f7999ec.css
www.zscaler.com/_next/static/css/ 849 B
3 KB 542ms
540ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/60ab7ffa9f7999ec.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d7420dc00f6c2095845ed3099c8c38269d37ed054a8570135082f433b717ad7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVSZGSPT7JD8XCEVT5Y0
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 211379
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"e368e9a871c4c5ed551e4edc29f18989-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e98dabe3ed-TLV

GET
H2 200 54b114f76a2643a4.css
www.zscaler.com/_next/static/css/ 14 KB
5 KB 583ms
581ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/54b114f76a2643a4.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a1e90281fb5f6bd8c4df8697f16fdd66b968afe67e22f20130b2a212910ddb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVSXP6V1816FJHRMXQTM
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 138146
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"1ca6e3f1413c5e54d5bc3ad765a18551-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e98dace3ed-TLV

GET
H2 200 2b4ce64ceddde260.css
www.zscaler.com/_next/static/css/ 5 KB
4 KB 524ms
522ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/2b4ce64ceddde260.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413d0b57de62b151d631e5c63ca0b52a447578209f5bd960ce99471228f34a04

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVT678ABCA6EYZ8DG4P3
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 131841
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"432b9c86882bfeecd1b5d7e3248b56d8-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee2ee3ed-TLV

GET
H2 200 455227249223c84c.css
www.zscaler.com/_next/static/css/ 7 KB
4 KB 462ms
461ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/455227249223c84c.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6487817342cc7311d0f8603168a7edba803aa7de8813673eb155e8ea8b77b32c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVT4CNF8E0A03K3KN45Q
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 156915
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"c2a7264f0aa526dec2b0e4c9c4108207-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee30e3ed-TLV

GET
H2 200 961d9a8bf13703d0.css
www.zscaler.com/_next/static/css/ 6 KB
4 KB 550ms
549ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/961d9a8bf13703d0.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a576b7aa84fa1b309db84578ebfcb4bad6448889a85235382b192cb4abce726e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTK536KC7N4J8JT2NG2
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215374
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"bf6885ff8e24f3f2e3bd4422b7762fac-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee32e3ed-TLV

GET
H2 200 d34fc117d4462dbb.css
www.zscaler.com/_next/static/css/ 7 KB
4 KB 486ms
484ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/d34fc117d4462dbb.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02cf967312da416498f662d891dd432426488424f6334da0eb277059ecd2f59b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTGG66ZQPB0PAZQ0MDK
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 138145
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"8778b38583937ecce16fc56d5ece2d8f-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee35e3ed-TLV

GET
H2 200 e1f7f7d5ee9208b2.css
www.zscaler.com/_next/static/css/ 14 KB
5 KB 544ms
543ms Stylesheet
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/e1f7f7d5ee9208b2.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0d5f53562170f7c12e461461664118c6c5e6f77a2dec0e5cfae560f6f32efe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVT39MW7VJ9KRRDFAZXR
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215269
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"24187c4e1501d3ee9c42b81351b211d5-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee37e3ed-TLV

GET
H2 200 330.5d910a23d7c00c0a.js Show response
www.zscaler.com/_next/static/chunks/ 10 KB
7 KB 480ms
476ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/330.5d910a23d7c00c0a.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ed77c89795357298d03fc544da139c6b01e1a564a1e1a8b4d16a37d8e06ac9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTRAYWTWD1KJD99X5YM
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 132459
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"a489085aaecd8aed91fc33d2534ba81c-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee3de3ed-TLV

GET
H2 200 921.e109058c731d7969.js Show response
www.zscaler.com/_next/static/chunks/ 12 KB
6 KB 516ms
512ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/921.e109058c731d7969.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a641ac230f33d38ac487f219ec1990eba2795b1dba9b4a3d7c6fdc72be9a558

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTFXAE3CZ4WJQ1S0HDW
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 131777
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5766a65f64d134ae730860e3ba922b56-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee3fe3ed-TLV

GET
H2 200 5192.b01af0b1566e0a65.js Show response
www.zscaler.com/_next/static/chunks/ 605 B
3 KB 536ms
533ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/5192.b01af0b1566e0a65.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec09e6ea3a9912c8e7c4640d0907355978c3fc6383eccedfbab424efbd863ef2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTP091C5N1RSWE9QTV0
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216139
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"f4513e92664c85248cdcf6ab83a81ab8-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee41e3ed-TLV

GET
H2 200 712.6fe5bc3f8b527c0a.js Show response
www.zscaler.com/_next/static/chunks/ 113 KB
39 KB 538ms
535ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/712.6fe5bc3f8b527c0a.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3078f501977e2185b646c2f5a7d017a8b562bdbd5b28df7640bd52cba8f377d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTD7W5NK4QGA7ARSNGY
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 208591
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"ba9655b2d372a4d85802c3782a04885b-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee42e3ed-TLV

GET
H2 200 5118.639f1c352a37d72d.js Show response
www.zscaler.com/_next/static/chunks/ 3 KB
4 KB 546ms
543ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/5118.639f1c352a37d72d.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109d7aa9c6f32a78c877db04e17d6b78c89dd5c539dc01bae82840b2ebd43bca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTPSVZRMMAXDKKM2QJT
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 208591
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"e1e8110c347ecdf0f3c02a645edaa80a-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee45e3ed-TLV

GET
H2 200 7020.e487c0abfa389144.js Show response
www.zscaler.com/_next/static/chunks/ 3 KB
4 KB 521ms
518ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/7020.e487c0abfa389144.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41635e062e487b56a91beaa760d53e414ddc1a334f0bb77936e9af413aa32077

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTCNAHZWQVZR6X5SS6A
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 138145
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"72743ad091e1af1bc71e22c7bb503ff4-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee46e3ed-TLV

GET
H2 200 3588.eaa047ab29f86748.js Show response
www.zscaler.com/_next/static/chunks/ 8 KB
6 KB 551ms
548ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/3588.eaa047ab29f86748.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb4f550ed77db15c0a7bd079c8be9c84eb3df8de661ba2552d7cc82032a2830

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTGST35XHT6CW2T2WK2
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216139
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"be82dd62e2dc23044b1c7b99203ae902-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee47e3ed-TLV

GET
H2 200 6786.c95c8988b23146e2.js Show response
www.zscaler.com/_next/static/chunks/ 3 KB
4 KB 544ms
542ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/6786.c95c8988b23146e2.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3505d9c53423b2c2b85fa4fd199a6d5aa93246f0fd7d7e16ab3b63515842391e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTG1T0Y103KCXYMK8DG
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 131842
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"52ce93d61aeb7bd0f621e1f3358c1d00-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee49e3ed-TLV

GET
H2 200 8900.9fd7001725b53986.js Show response
www.zscaler.com/_next/static/chunks/ 42 KB
17 KB 484ms
482ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/8900.9fd7001725b53986.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2754a14ac1a776b37870bb4734f027dea9326f4db6058e19cfbc50821c637813

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTF1D210RN1EH75BFJ0
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"fd631cde4e970cc72e92a50cdbe6cfaa-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee4ae3ed-TLV

GET
H2 200 webpack-b2585ba0e809cc76.js Show response
www.zscaler.com/_next/static/chunks/ 10 KB
8 KB 529ms
527ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/webpack-b2585ba0e809cc76.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a679410d59a063bd8f8db5d5a63fe26d5983eaca549b56ba787d12fdff8ebdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTQZKR4FWCPGZB7V159
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215269
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"440111888491cdef94812aae8455465e-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee4fe3ed-TLV

GET
H2 200 framework-aec4381329cec0e4.js Show response
www.zscaler.com/_next/static/chunks/ 138 KB
48 KB 536ms
534ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/framework-aec4381329cec0e4.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d5faabfef8a098483b94198ce9e3eb18f4384e9d4bc9c1942bc6708d91afcc2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTP6K7WS3PSYJS6SXPH
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216139
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"b14707a673188ee032e50945c07a7bc3-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee51e3ed-TLV

GET
H2 200 main-d4b326de8ea81632.js Show response
www.zscaler.com/_next/static/chunks/ 99 KB
32 KB 552ms
550ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/main-d4b326de8ea81632.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18b14430cd1faeca647e05ade580e5745dbc75350b454e7073127ecbbbd9fa8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTK5580SNZMZ6TTYMRJ
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"6c4622c16e78d0bcd5228d3eb8d41153-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee53e3ed-TLV

GET
H2 200 _app-7cb44808d00f6bc3.js Show response
www.zscaler.com/_next/static/chunks/pages/ 363 KB
123 KB 515ms
513ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/pages/_app-7cb44808d00f6bc3.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6e01a0d6a5a0c0a453da393b3560c757dfb52340eab2e6a0cfa15040c4403eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTQ4JEVJWE6KES022E1
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 214904
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5955d9959c5379896fc1a4c75201ffa9-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee56e3ed-TLV

GET
H2 200 4612-3783f202055153ba.js Show response
www.zscaler.com/_next/static/chunks/ 187 KB
51 KB 565ms
563ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/4612-3783f202055153ba.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7809d6093100111004ddd4456577418652228b34c3bb0ec3054cbbe1edbb427a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTA9RMRX490SZ14KMH2
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"23e14808f21d0a162b80477eecc92010-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee58e3ed-TLV

GET
H2 200 5403-24b4d1e45a6ee2a6.js Show response
www.zscaler.com/_next/static/chunks/ 135 KB
41 KB 561ms
560ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/5403-24b4d1e45a6ee2a6.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc25f2f1b34b8a8f05f370af8e86cd64f1869c5f7e27913469a752da5fc55235

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVVXE2JMQ599222MGD3T
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215270
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"aa4f1c76363ba09ab3c40ed4b086d53c-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee59e3ed-TLV

GET
H2 200 3666-0828d08981c03e61.js Show response
www.zscaler.com/_next/static/chunks/ 79 KB
23 KB 523ms
522ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/3666-0828d08981c03e61.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80b96764ac47d507c3819ae08cd615034e22d5d06f735c42936940e2e26fe300

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTQWJ85MQD4HYK8WK03
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 214905
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"bbe9d6ad66d25664061e99b297e487da-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee5be3ed-TLV

GET
H2 200 5609-bb6749f7cac8d773.js Show response
www.zscaler.com/_next/static/chunks/ 138 KB
33 KB 533ms
532ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/5609-bb6749f7cac8d773.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d19075bd3c868a563b30067d54cf92d64871ab1bc48d3faf48e1a7a5c183838

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTJZXC327BVHFBZZP94
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216138
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"19590f7501844711fdbf61798f99b4b0-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee5de3ed-TLV

GET
H2 200 %5B...slug%5D-25249b238d50ef98.js Show response
www.zscaler.com/_next/static/chunks/pages/blogs/ 3 KB
4 KB 502ms
501ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/pages/blogs/%5B...slug%5D-25249b238d50ef98.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785b06271ed09023b9611c2c12471a85974343d9f666697cd31d70d2143db362

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVT6YAWSQB08J1K7MSRB
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 131842
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"b4d405caca1628d625d2f26fced81b40-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee5ee3ed-TLV

GET
H2 200 _buildManifest.js Show response
www.zscaler.com/_next/static/jTPxPrQU4wj5tA28xnj9U/ 3 KB
4 KB 510ms
509ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/jTPxPrQU4wj5tA28xnj9U/_buildManifest.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ccfbda27dec5ae7a19c1550eb261f3981abfb5e308783c685e3dd32cd35f32

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTCVK8YYB2XGXGWPDNK
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215269
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"95c2274528de595dff46025ddc03b1f5-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee60e3ed-TLV

GET
H2 200 _ssgManifest.js Show response
www.zscaler.com/_next/static/jTPxPrQU4wj5tA28xnj9U/ 372 B
3 KB 512ms
511ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/jTPxPrQU4wj5tA28xnj9U/_ssgManifest.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f5ebeaa6de1cfc0d227fe847777538018f82fa1d37793f3a4842d7d73810b21

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MVTHHS8NWPAPE91AFXXE
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215269
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"a6b3a7687575193a6faf84e4851b4fa5-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621e9ee61e3ed-TLV

GET
H2 200 email-decode.min.js Show response
www.zscaler.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 58ms
58ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:31 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2024 15:12:53 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66310a75-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 87f621eadff7e3ed-TLV
expires: Wed, 08 May 2024 04:12:31 GMT

GET
H2 200 storage.html
117186981.intellimizeio.com/ Frame 9190 0
0 394ms
134ms Document
text/html 52.18.221.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://117186981.intellimizeio.com/storage.html

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.18.221.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-221-207.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 5622
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:12:32 GMT
etag: W/"15f6-i1JaE+2vqe5pqhYqt7p8ocnlnuI"
strict-transport-security: max-age=15552000; includeSubDomains
x-powered-by: Express

POST
H2 200 117186981 Show response
api.intellimize.co/context-v2/ 531 B
628 B 413ms
158ms Fetch
application/json 52.49.52.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.intellimize.co/context-v2/117186981

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.49.52.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-52-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3400d5139019f336e25e0f09f5e95d98c224fdb8e77cbcb984f716140f93aae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 3e894970-e3e9-4783-85e9-7c38eedbfbbf.json Show response
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/ 5 KB
2 KB 195ms
82ms XHR
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/3e894970-e3e9-4783-85e9-7c38eedbfbbf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0cd39d290a1403b6303c049dceebac871d07a5f776b53f4e425ec2235d16a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27625
content-md5: oj+Dp3bF+hHUZlalRDGEBg==
content-length: 1840
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 06:34:16 GMT
server: cloudflare
etag: 0x8DC53A81596745A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3a42e90c-201e-0007-3791-8555e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621ee498ee3c7-TLV
expires: Tue, 07 May 2024 04:12:32 GMT

GET
H2 200 image
www.zscaler.com/_next/ 246 B
579 B 235ms
234ms Image
image/webp 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=%2Fassets%2Fimages%2Fdefault-avatar.png&w=96&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0057c0a68b2a6998b10d731890ea3c145992ea61f7e18009466e7ab2fefc6a6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN cms.zscaler.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MW9DQ55T0QFN3J5GT7N3
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 74772
content-length: 246
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: 40-UOI3F9uTY1KtJEoZJD0N4zRKdbg
vary: Accept-Encoding
x-frame-options: SAMEORIGIN cms.zscaler.com
content-type: image/webp
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621ee4e7ee3ed-TLV

GET
H2 200 zloader_fig_1.png
www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/ 9 KB
10 KB 1077ms
1077ms Image
image/avif 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/cdn-cgi/image/format=auto/sites/default/files/images/blogs/zloader_fig_1.png

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6531326e86bed2b8e128e650cbc0c0b4163e8c0f161bdd7783070b14a6a3a21d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 9610
cf-resized: internal=ok/d q=0 n=1502+794 c=0+0 v=2024.4.0 l=9610
last-modified: Thu, 25 Apr 2024 16:02:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf95ARLc8pdev5bT37YvaJ1Y4S1gWqs-rDoNB_ezzVDw"
vary: Accept, Accept-Encoding
warning: cf-images 299 "cache-control is too restrictive"
content-type: image/avif
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 87f621ee4e82e3ed-TLV

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
316 B 193ms
78ms XHR
application/json 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87f621ef8b8ee3cb-TLV
access-control-allow-headers: Content-Type

GET
H2 200 7763.388ef9f1e59537d2.js Show response
www.zscaler.com/_next/static/chunks/ 999 B
4 KB 232ms
232ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/7763.388ef9f1e59537d2.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-b2585ba0e809cc76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6635c7a8c9340a594fe3030b37828f0bcc792414b520f48f3e8b566e78e8239e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWD0GT1M9M606M2VR0XR
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216136
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"7f84ca4a324125366c85cbb82dd6a58d-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621ef083ce3ed-TLV

GET
H2 200 5551.be333bf1a8475626.js Show response
www.zscaler.com/_next/static/chunks/ 965 B
4 KB 234ms
234ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/5551.be333bf1a8475626.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-b2585ba0e809cc76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e4c7ae4935ffccf99e5f7e878bd26041f9b26e242371fa2b9a0d25e828010a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWD383X6JQSF0NF7WTRY
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216137
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"f87df4f4e6f5b0891df314a43b98df44-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621ef083fe3ed-TLV

GET
H2 200 6023.eb027d8b2eca9d08.js Show response
www.zscaler.com/_next/static/chunks/ 1007 B
4 KB 233ms
232ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/6023.eb027d8b2eca9d08.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-b2585ba0e809cc76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

decf18e6ed4b163a7a0ef6ddecbafcfb300be5f0cd98140960efc65adb115c59

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWD18NWKRRNR5WH183B2
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215323
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"d3a9e99542626172fd5a2458eacefb9c-ssl"
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621ef0841e3ed-TLV

GET
H2 200 790.172105aad548b0af.js Show response
www.zscaler.com/_next/static/chunks/ 1 KB
4 KB 234ms
234ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/790.172105aad548b0af.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-b2585ba0e809cc76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453d1d7e123dbb1eb52bd8bcea12a17ed52a2362bf5b6a7fa629ba720a0e6f41

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWD9CDG24WS6N5VWF461
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 215318
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"252bae504cab0d3277bd2cdcac298932-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621ef0843e3ed-TLV

GET
H2 200 6831.22fb05c3ff44b775.js Show response
www.zscaler.com/_next/static/chunks/ 1 KB
4 KB 200ms
200ms Script
application/javascript 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/chunks/6831.22fb05c3ff44b775.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/webpack-b2585ba0e809cc76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb2df2831ea2234d9a6db640b566056945c3025380ddb99653c9546f6fca8e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWD7DAEG1Q9ZPA9H4PGQ
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 216136
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"a19902f346960969fe5870f36f255f08-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621ef0847e3ed-TLV

GET
H2 200 image
www.zscaler.com/_next/ 8 KB
9 KB 201ms
201ms Image
image/webp 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fimage.jpg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/5403-24b4d1e45a6ee2a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4faaacc39dd07bf37157f521f689806d5c3984c8ff4d4694faa17f5d83c56430

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN cms.zscaler.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWFPK07ZT3YQ6QD2GYGD
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 71412
content-length: 8592
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: 38-Cv3vT5tz3a78e/rcrPP1M4Ti+NU
vary: Accept-Encoding
x-frame-options: SAMEORIGIN cms.zscaler.com
content-type: image/webp
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621ef7947e3ed-TLV

GET
H2 200 image
www.zscaler.com/_next/ 35 KB
35 KB 301ms
300ms Image
image/webp 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fblog-tile-img-700x467-ransomware.jpg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/5403-24b4d1e45a6ee2a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b2e007f61b8c7f485937b708b55fc232f68106a6737c27d21f06029c661c5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN cms.zscaler.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWFGGCSY6Z6JF51RSDF2
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 71412
content-length: 35994
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: 37-CspNwaFgQIqXo6SqTd5CXFpOw28
vary: Accept-Encoding
x-frame-options: SAMEORIGIN cms.zscaler.com
content-type: image/webp
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621ef8952e3ed-TLV

GET
H2 200 image
www.zscaler.com/_next/ 43 KB
43 KB 191ms
191ms Image
image/webp 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fblog-tile-img-700x467-generic-code.jpg&w=600&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/5403-24b4d1e45a6ee2a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2e114404dda043af4ce7239a6e0e1c5cc03cef284ef6388aeb6846d9140461

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN cms.zscaler.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWFJKQKHQCAEFX3731CV
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 74768
content-length: 43648
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: 38-mTuUkeNAUQ5veTqwF2x7+g6voGk
vary: Accept-Encoding
x-frame-options: SAMEORIGIN cms.zscaler.com
content-type: image/webp
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621ef8954e3ed-TLV

GET
H2 200 forms2.min.js Show response
info.zscaler.com/js/forms2/js/ 199 KB
67 KB 240ms
77ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/js/forms2.min.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-d4b326de8ea81632.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 4431
etag: "2f40242-31af8-616bbc873ed80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 87f621f0891de3cf-TLV
expires: Mon, 06 May 2024 08:12:32 GMT

GET
H2 200 8749297bf1313406.css Show response
www.zscaler.com/_next/static/css/ 97 KB
94 B 227ms
226ms Fetch
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/8749297bf1313406.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-d4b326de8ea81632.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59c47eb140647df6f4553a451fc7073b34921b1f209e518a90185a66ae1d179

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWGDGCBK3K1V7KD07GMN
date: Mon, 06 May 2024 04:12:32 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
age: 216138
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"2de548133584a9eb0b3e65a26d59805d-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621efa9d1e3ed-TLV

GET
H2 200 65b2cfa02816a9e9.css Show response
www.zscaler.com/_next/static/css/ 76 KB
93 B 246ms
246ms Fetch
text/css 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/_next/static/css/65b2cfa02816a9e9.css

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/_next/static/chunks/main-d4b326de8ea81632.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47e7fcf5a32612fac2149d801a0c4418e1ff747414ee7300a4d4a3c9a9ac179

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWGPDY2X5F2DKTHAJH58
date: Mon, 06 May 2024 04:12:32 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
age: 216136
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5d8b8a61e8e733091a5a29348bc1b4a6-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87f621efa9d5e3ed-TLV

POST
H2 200 clientlogger
log.intellimize.co/ 3 B
325 B 801ms
261ms Ping
application/json 54.200.185.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://log.intellimize.co/clientlogger

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.200.185.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-185-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 image
www.zscaler.com/_next/ 20 KB
20 KB 185ms
184ms Image
image/webp 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fzloader_cover_image.jpeg&w=1920&q=75

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

693d540c3804dd037b7d65e94edc1041e651315843aea34021739e3674baa57b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN cms.zscaler.com

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWHH4ZXVKH22YF5PX2TS
date: Mon, 06 May 2024 04:12:32 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 71412
content-length: 20230
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: 38-EZLof259zYb7NWoPlp0ChYbU9EU
vary: Accept-Encoding
x-frame-options: SAMEORIGIN cms.zscaler.com
content-type: image/webp
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621efea24e3ed-TLV

POST
H2 200 117186981 Show response
api.intellimize.co/prediction/ 68 B
388 B 126ms
126ms Fetch
application/json 52.49.52.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.intellimize.co/prediction/117186981

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.49.52.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-52-83.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c7c86bc6610cf47c78b385c56c63c1a3393f1369e84150f7a64b22495c1c7bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 72ms
71ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 32962
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621f03ecde3db-TLV

POST
H2 200 logger
log.intellimize.co/ 3 B
324 B 645ms
262ms Ping
application/json 54.200.185.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://log.intellimize.co/logger

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.200.185.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-185-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 logger
log.intellimize.co/ 3 B
324 B 644ms
262ms Ping
application/json 54.200.185.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://log.intellimize.co/logger

Requested by

Host: cdn.intellimize.co
URL: https://cdn.intellimize.co/snippet/117186981.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.200.185.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-185-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/a0ff87cb-6171-4ad3-b4dc-f2ccbf362815/ 126 KB
28 KB 95ms
95ms Fetch
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3e894970-e3e9-4783-85e9-7c38eedbfbbf/a0ff87cb-6171-4ad3-b4dc-f2ccbf362815/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aced6f454a1b5a260caf5d0bfbf87c01d01df485096331aabc3d031ce6fc3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27620
content-md5: ANtyofKYl/OlIqbXqrdIKQ==
content-length: 28551
x-ms-lease-status: unlocked
last-modified: Wed, 03 Apr 2024 06:34:26 GMT
server: cloudflare
etag: 0x8DC53A81C04343A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 07afe8bd-401e-004c-0d91-85a9b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621f15f6ae3c7-TLV
expires: Tue, 07 May 2024 04:12:32 GMT

GET
H2 200 favicon-32x32.ico
www.zscaler.com/favicons/ 4 KB
4 KB 242ms
242ms Other
image/vnd.microsoft.icon 104.18.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zscaler.com/favicons/favicon-32x32.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7eff4b4361c8058fbe407d9e1e0e14f425df85f01cd295f6e1ac1271a3ff6bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX61MWWG2FHY39C88Z54KNRH
date: Mon, 06 May 2024 04:12:33 GMT
content-security-policy: default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com *.mountain.com https://netlify-rum.netlify.app j.6sc.co *.adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com *.marketo.net js.adsrvr.org *.crazyegg.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com *.bugcrowdusercontent.com *.googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com *.linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io *.cloudfunctions.net ibc-flow.techtarget.com *.mktoresp.com bat.bing.com *.crazyegg.com *.6sc.co st.fullcircleinsights.com https://*.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://*.acsbapp.com https://*.wistia.com https://*.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com *.6sense.com *.linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://*.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
age: 205855
content-encoding: br
x-xss-protection: 1; mode=block
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"73a969fec8e5e997d86f32c9d6f7de3b-ssl"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN https://cms.zscaler.com
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=0,must-revalidate
x-middleware-next: 1
cf-ray: 87f621f21df5e3ed-TLV

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 348 KB
112 KB 371ms
141ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

35ca3c345643cec0d70db14c7ea0899ec8f9d59b913831d884d3ec538efe27ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113832
x-xss-protection: 0
last-modified: Mon, 06 May 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 04:12:33 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 13 KB
3 KB 74ms
72ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KLWFssuowJEtDumTaVZD/A==
age: 27621
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
server: cloudflare
etag: 0x8DC497526A04834
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 61aca20f-801e-006c-0690-85d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621f31ad4e3c7-TLV

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 5 KB
2 KB 89ms
87ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: k7yGPxSf903pvrcZkZ/tnw==
age: 27621
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:30 GMT
server: cloudflare
etag: 0x8DC497527AB27B4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8e568cb4-a01e-0026-5d91-85719b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621f32aeee3c7-TLV

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 78ms
77ms Fetch
text/css 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 27621
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: bf1d0f64-c01e-006d-3191-858dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87f621f32af0e3c7-TLV

GET
H2 200 getForm Show response
info.zscaler.com/index.php/form/ 6 KB
2 KB 432ms
431ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.zscaler.com/index.php/form/getForm?munchkinId=306-ZEJ-256&form=7971&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&callback=jQuery371036799230233793034_1714968752904&_=1714968752905
Requested by: Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba7ddc5097ecf75ca3ce02057e9313d82a6e3a6a177ee9e4765f55b2f8231715

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 87f621f38df0e3cf-TLV
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 getForm Show response
info.zscaler.com/index.php/form/ 6 KB
2 KB 355ms
355ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.zscaler.com/index.php/form/getForm?munchkinId=306-ZEJ-256&form=1944&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&callback=jQuery371036799230233793034_1714968752906&_=1714968752907
Requested by: Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a47b498472092adf4da0451456ce658bdc5609fb42ea91629be03da7a63b6768

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 87f621f39df5e3cf-TLV
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 zscaler-variation-icon-white.png
cdn.cookielaw.org/logos/0ab9c0b7-247a-4ae1-b653-bc1c2e1efb99/018e5a46-9e1b-7379-a98b-a518c6b49467/c2e8f6f2-f75e-4a29-b7b6-804090d49a81/ 1 KB
2 KB 69ms
68ms Image
image/png 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/0ab9c0b7-247a-4ae1-b653-bc1c2e1efb99/018e5a46-9e1b-7379-a98b-a518c6b49467/c2e8f6f2-f75e-4a29-b7b6-804090d49a81/zscaler-variation-icon-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4e274c5793e7cd62cb67e2630278ef4a470b4baa35cb3b42e145717faed336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 May 2024 04:12:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AjwaatmEihRgIitZTQhd5w==
age: 27620
content-length: 1448
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:21:48 GMT
server: cloudflare
etag: 0x8DC4977927EED9C
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a4b18139-d01e-004e-7760-7b170b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87f621f3dd3fe3db-TLV

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
106 KB 132ms
132ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

5dda312d02db8df754ed011057bb3620ee5301ce035a482fec5e1b74ca370a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 04:12:33 GMT

GET
H2 200 6635.js Show response
script.crazyegg.com/pages/scripts/0097/ 6 KB
2 KB 213ms
79ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e1b62ebdc0c45ecba861f2fb9a04dbc120ac946fd065cb22a4d2d1d09e3e3c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4429
cf-polished: origSize=6112
ce-version: 11.5.202
cf-bgj: minify
last-modified: Mon, 06 May 2024 02:00:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 87f621f67e31e3df-TLV

GET tags.js
tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/ 0
0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 379ms
120ms Script
application/x-javascript 104.96.137.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.137.199 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-137-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 04:12:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 6934ae2b-4c76-4229-97d0-8f637b004b88.js Show response
j.6sc.co/j/ 4 KB
2 KB 664ms
421ms Script
application/javascript 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-66-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLuCr1hhLpJjZt0sFSB89FSJa4YqIrE7
content-encoding: gzip
date: Mon, 06 May 2024 04:12:34 GMT
x-amz-cf-pop: LHR50-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1178
pragma: no-cache
last-modified: Tue, 02 May 2023 17:36:47 GMT
server: AmazonS3
etag: "afb8c61166e7f50fe6d7ab7b6377733c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: UubOtxy3TfxsJybyc1Cwg_ZAoOlBZTua5F8cqRomnx-lqtaZxVV_QA==
expires: Mon, 06 May 2024 04:12:34 GMT

GET
H2 200 1395e54b70b06b444656a2f40c135374.js Show response
ob.iseaskies.com/i/ 102 KB
38 KB 415ms
170ms Script
text/javascript 18.173.154.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-10.muc50.r.cloudfront.net
Software: Caddy /
Resource Hash: abefd4b0cac8cd4273a604eaedbec4a592118b668795df25017210e9867206a6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 00:30:57 GMT
content-encoding: gzip
via: 1.1 7ad01e16cb039e6f25a50f4e294fd0ae.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: MUC50-P3
age: 22345
etag: "1973e-J0KXqawL1Gq548AGi3TJ1qVz8kk"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38101
x-amz-cf-id: KpGoEcxqKMELCO1wiPs-EejeUQkHrhRByFw1jPn1MZhoBwNC0bGE0Q==
expires: Mon, 06 May 2024 10:00:08 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 86 KB
27 KB 380ms
120ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: o2F5X.7ofwfn5AxK2mOAUr6cpAHiSmpn
Content-Encoding: gzip
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
Date: Mon, 06 May 2024 03:36:12 GMT
Age: 2182
X-Amz-Cf-Pop: MUC50-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 29 Apr 2024 18:17:04 GMT
Server: AmazonS3
Etag: W/"8527d40fe704871728ead7e7b8f103d2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: apYJ1tds4aWQustpAFtc2fE_B_C1wslDbyjj8Lw915xI04MQOdJxdA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 352ms
112ms Script
application/javascript 2.18.66.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.8 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2024 10:06:07 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=55790
accept-ranges: bytes
content-length: 17038

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 138ms
138ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-812494211&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

fabf6a7d218d7784fd84a023a99c8a06e50b83e0c2cb34200811d3f0ac212c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90976
x-xss-protection: 0
last-modified: Mon, 06 May 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 04:12:33 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 247ms
126ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 06 May 2024 04:12:32 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2B92AC3D7CC44BC8EE6699E1F858E72 Ref B: TLV30EDGE0309 Ref C: 2024-05-06T04:12:33Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 181ms
181ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8541430&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

4e2d33d97cbdcfb218f09bf9f41397d54f93dbd026701b77e39fd1bcfe0648ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73892
x-xss-protection: 0
last-modified: Mon, 06 May 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 04:12:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 317ms
106ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 May 2024 04:12:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=12, mss=1380, tbw=2783, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: lEmO6VRYurihL4W+zJFUnzwfBS1Cym1u6WqFhMDbeJIsuKzFLFbkGIPMnjJXdSm158JFDw5Em5uzOxdYhd7zfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 234ms
107ms Script
text/javascript 104.18.36.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.36.196 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 32880
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 87f621f68e0ee3e7-TLV
expires: Mon, 06 May 2024 04:32:33 GMT

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 153ms
80ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4af0b01450048bffd9bb79f9ab3f23695ce50aca800091d3394d69096ca45d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
x-amz-version-id: El0g.RnAqJPwnFJdxj37HBOCbk.jq3Sb
via: 1.1 7f494376132d92ea6c165caa8a824d7a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: TLV50-C1
age: 64794
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 May 2024 10:12:33 GMT
server: cloudflare
etag: W/"8c204aa84fdf9cdf3edc033589ee81ca"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 87f621f68c82e3e3-TLV
x-amz-cf-id: BNAIwEogHQWS2ZGDm2HWmzc2xMyzZgRWItTZ20eFEWwfGYSc_uM9PQ==

GET
H2 200 fullcircle.js Show response
d2i34c80a0ftze.cloudfront.net/ 32 KB
11 KB 378ms
127ms Script
application/json 108.138.36.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-16.muc50.r.cloudfront.net
Software: /
Resource Hash: aa2b8282a1438a0e53971aa29a5c54f2911a3cb79b44cc20f8521ead150c458f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 19:22:54 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront), 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-C1, MUC50-P2
age: 31779
x-amzn-requestid: d19e05a7-6b66-4181-9edc-913f8f4c754d
x-amzn-trace-id: Root=1-6637dc8e-35964d0533665bfd7af8d9da;Parent=23cd4728597999f1;Sampled=0;lineage=be50798f:0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: XT9mXFEKvHcEAXw=
x-amz-cf-id: F9NZgwX3lHV4xWCwNd48HwlrMs6J5MEr1l5_yb-_Xd-N4K49VrvLhA==

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 180ms
57ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 03:54:31 GMT
content-encoding: gzip
age: 1082
x-guploader-uploadid: ABPtcPoevi2UIFdXOldEhHoQ0RDD8MD__7w3tHy-WLdjNic4s-Q9bzDfJwTZ5FadCJutPRJFWdY-MkwY3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 06 May 2024 04:54:31 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 10 KB
4 KB 372ms
118ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 05 May 2024 04:35:17 GMT
Content-Encoding: gzip
Via: 1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
Last-Modified: Tue, 30 Apr 2024 23:20:15 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 85038
x-amz-server-side-encryption: AES256
ETag: W/"d6f0435164aefe6cf324147b77c7b6bb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: IFq73JUc0iPaNpZ8vmEv6lhIOVfFXnj1xVcGLF03cax0j3EDKBHOVg==

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 25 KB
7 KB 802ms
205ms Script
application/javascript 44.209.137.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cb=55744261651317496term=value
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-137-118.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 26025a47b1582b7afa02f08246c4328de778717557a16bb493e4e72b13eb395e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 forms2.css
info.zscaler.com/js/forms2/css/ 13 KB
3 KB 125ms
124ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/css/forms2.css

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
cf-cache-status: HIT
age: 4431
content-length: 2623
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
etag: "3209f6-3437-616bbc873ed80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 87f621f5eb40e3cf-TLV
expires: Mon, 06 May 2024 08:12:33 GMT

GET
H2 200 forms2-theme-round.css
info.zscaler.com/js/forms2/css/ 4 KB
1 KB 105ms
105ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/css/forms2-theme-round.css

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 4431
etag: "3209f5-e46-616bbc873ed80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 87f621f5eb44e3cf-TLV
content-length: 968
expires: Mon, 06 May 2024 08:12:33 GMT

GET
H2 200 XDFrame Show response
info.zscaler.com/index.php/form/ Frame E430 2 KB
874 B 258ms
258ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/index.php/form/XDFrame

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02ef3d4346add95520307127e5cbfbd7b9da8697720a7c9046d44188bd19d1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 87f621f71db6e3cf-TLV
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:12:33 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 288ms
113ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532z871607006za200&_p=1714968752957&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753544&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&up.clientid=(not%20set)&tfd=3033
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 330ms
110ms Ping
text/plain 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-10SPJ4YJL9&cid=1934855539.1714968754&gtm=45je4510v883639532z871607006za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.71.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wn-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 272ms
112ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532z871607006za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&_s=2&tfd=3050
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 113ms
112ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532z871607006za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Ag&_s=3&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753725&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=1944&tfd=3054
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 113ms
112ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&pscdl=noapi&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=4&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=marketo_form_view&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753725&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=1944&_et=2&tfd=3059
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 113ms
112ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532z871607006za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=5&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753753&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_ready&epn.event_label=1944&_et=2&tfd=3069
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 113ms
112ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532z871607006za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Ag&_s=6&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753764&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=7971&_et=2&tfd=3073
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 113ms
113ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&pscdl=noapi&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=7&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=marketo_form_view&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753764&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_rendered&epn.event_label=7971&_et=2&tfd=3079
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 356ms
122ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-10SPJ4YJL9&cid=1934855539.1714968754&gtm=45je4510v883639532z871607006za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=830062884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/ 3 KB
1 KB 346ms
124ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1714968753878&cv=11&fst=1714968753878&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-812494211&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ebd58828e038cca92ff4ced77a288c6249a4fde938f2148863b9cd187d7d9235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1439
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/812494211/ 3 KB
2 KB 253ms
129ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/812494211/?random=1714968753884&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&label=(not%20set)&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=QA&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-812494211&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

62587a197f07c6b6a23892af6513886d6d79d4bf3af4c86c0971887ee6d679de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1612
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.zscaler.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6635/site/ 85 KB
8 KB 209ms
88ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6635/site/www.zscaler.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be48aeb17e89e2212d758e1e57d2cf1c86fe08d9101c2c07c722b16a0015a29f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4430
ce-version: 11.5.202
content-length: 7681
last-modified: Mon, 06 May 2024 02:58:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87f621f8db65e3cb-TLV

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 199 B
553 B 704ms
704ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 384dc68887878de88f97e0d0ba0d0a28df8796151bee87f5cbd6d11881878fe4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer e6609b6e9a1669129391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.zscaler.com/
visited_url: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
via: 1.1 fd3f7297d4c0245a27d5177644dc8e9a.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: TLV50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: XVLL-jY8PHcEMFg=
server: cloudflare
etag: W/"c7-MfsEzWcw0TF4aKSFcX65S8tCluo"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 87f621fa1b22e3e3-TLV
x-amz-cf-id: OgpO8p1Z4um0Mjbj7X8BPCkav5_JY1uOrFSdKDY78eeK6dIYbUuxaw==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 327ms
262ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: XVLL4hzLPHcEMNA=
cf-cache-status: DYNAMIC
cf-ray: 87f621f87fb7e3e3-TLV
date: Mon, 06 May 2024 04:12:34 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 fd3f7297d4c0245a27d5177644dc8e9a.cloudfront.net (CloudFront)
x-amz-cf-id: jDDLCv32WyutGWW3I8o8-hHfpqCXhIPNxjnqam_u0sHfdKHzo4f19w==
x-amz-cf-pop: TLV50-C1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2

200

activityi;dc_pre=COXqmLuU-IUDFUckBgAdLjECgA;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzl...
8541430.fls.doubleclick.net/ Frame 6F10
Redirect Chain

https://8541430.fls.doubleclick.net/activityi;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2F...
https://8541430.fls.doubleclick.net/activityi;dc_pre=COXqmLuU-IUDFUckBgAdLjECgA;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler....

0
0

123ms
122ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8541430.fls.doubleclick.net/activityi;dc_pre=COXqmLuU-IUDFUckBgAdLjECgA;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4510z871607006za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8541430&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 392
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 May 2024 04:12:34 GMT
expires: Mon, 06 May 2024 04:12:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 May 2024 04:12:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8541430.fls.doubleclick.net/activityi;dc_pre=COXqmLuU-IUDFUckBgAdLjECgA;src=8541430;type=zscal00;cat=zscal0;ord=5563055765678;npa=0;auiddc=842775308.1714968754;u1=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4510z871607006za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 324ms
201ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1714968753961&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 04:12:34 GMT
expires: Mon, 06 May 2024 04:12:34 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPq4Y-bLMdkFg10eUPj47cF27z8Wd5maGMbc1TydIM3YAj38VDXStGvgiPRUte_Xjl_qPA9meVu_-A

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
457 B 213ms
212ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1714968753961&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 2334982
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPouggLyBEwjHi2IoLYLzjnzyIWhGvNESyLyJQshAVHcfF9IuBLKCzf-Xk6gsj8JrrvT3GVodO4Y8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Mon, 06 May 2024 05:12:34 GMT

GET
H2 200 295014050.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 126ms
125ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/295014050.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e132bc877dade68a5609e803549d6cead1c132d310dcc037de34d87fe00c5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 06 May 2024 04:12:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 677CE75BFC744BB8980FFCFA30BFE474 Ref B: TLV30EDGE0309 Ref C: 2024-05-06T04:12:34Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1714968753986%26url%3Dhttps%253A%252F%252Fwww.zscaler.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookiesTest=true&liSync=true

0
386 B

263ms
262ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A10F8949E4A2498E8E2DED5707DDF57A Ref B: TLV30EDGE0321 Ref C: 2024-05-06T04:12:35Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXwUdzdDcZyLAiw9OUzw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 06 May 2024 04:12:34 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYXwUdvt8ljq847omDFyw==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B92A5E59246D468F82DA9B78934FA785 Ref B: TLV30EDGE0321 Ref C: 2024-05-06T04:12:34Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1714968753986&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
123 B 257ms
256ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a468376ed6b632189d220317f54c7c9c
cache-control: private
function-execution-id: x0n1yyjfzx9i
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 400ms
215ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:12:34 GMT
function-execution-id: aw53x8t261d2
server: Google Frontend
x-cloud-trace-context: 5b9ca838a360d02001b81627f1862784

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

213ms
119ms

Script
application/javascript

18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 18.173.187.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 06 May 2024 02:30:42 GMT
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
Age: 6113
X-Amz-Cf-Pop: MUC50-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: B00pihgWNZlZm5s3vz8WCQCHw3gfRJx5aEvGqittAqaS8DJfQrgLjg==

Redirect headers

Date: Sun, 05 May 2024 17:20:55 GMT
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
Age: 39098
X-Amz-Cf-Pop: MUC50-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: reDjYICL5GL6OK5A-73l2Bw1RheMTxmRxU3p0ubP2NKlYnft2d965g==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/ 0
808 B 213ms
129ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: dRosEr4VOtU_A7BN0ap5c7X3YQIYmIzJ
Date: Mon, 06 May 2024 04:12:34 GMT
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
Age: 775
X-Amz-Cf-Pop: MUC50-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Fri, 03 May 2024 11:36:43 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: v5E2dKSA_EMx2t4c_n4EzhSLqeArE0ad_5opci90Mq9jlyp4oIiGjg==

GET
H2 200 1778897272132032 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 158ms
158ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1778897272132032?v=2.9.155&r=stable&domain=www.zscaler.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

13153098a1f7a646d0baac385e415393a24d1014dd36c3901348cdd48f892e6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 May 2024 04:12:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=61, mss=1380, tbw=63327, tp=-1, tpl=-1, uplat=52, ullat=0
pragma: public
x-fb-debug: 2tyoZW98Mdz1Up71KrQosCtAfVX/7CXWfHJ9A2T4pyhOujWbcLshTxvcmx0PM7N/CpNego7k5qrEZbiV+VxM+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 forms2.min.js Show response
info.zscaler.com/js/forms2/js/ Frame E430 199 KB
0 0ms
0ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.zscaler.com/js/forms2/js/forms2.min.js

Requested by

Host: info.zscaler.com
URL: https://info.zscaler.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://info.zscaler.com/index.php/form/XDFrame
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 4431
etag: "2f40242-31af8-616bbc873ed80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 87f621f0891de3cf-TLV
expires: Mon, 06 May 2024 08:12:32 GMT

GET
H2 200 ULSJHTPGTZGY3EPPZSKHKS Show response
d.adroll.com/consent/check/ 534 B
1 KB 378ms
123ms Script
application/javascript 52.31.17.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ULSJHTPGTZGY3EPPZSKHKS?pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&_s=71cdf624b746f590f7c650e51388bba5&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.17.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-17-50.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 8f5f726e6830cdc3a13f47bfd4aa4440c03de4bcf4548a25d691d9b46778704f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: application/javascript
pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 534
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET 295014050
www.clarity.ms/tag/uet/ 0
0

GET
H2 200 6735f9594d6bb8a4f1fe56c6b3e21cf5.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 94 KB
31 KB 81ms
80ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69e3303757e223cc0fd92ec05e7f0eb6ca17c61c857cf273f19d181ad2afd47

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2024 08:41:12 GMT
server: cloudflare
age: 465333
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87f621f96bf6e3df-TLV
content-length: 31374

GET
H2 200 6si.min.js Show response
j.6sc.co/ 65 KB
18 KB 114ms
113ms Script
application/javascript 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7aa0e0bbf58cd1dfc9312e887eadfd2504f44a643772c835be7db1b3777a4301

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2024 20:11:50 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6626c486-104cc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17932
expires: Mon, 06 May 2024 04:12:34 GMT

OPTIONS
H2 200 create
st.fullcircleinsights.com/v1/visitors/ Frame 0
0 842ms
552ms Preflight
application/json 54.230.228.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-63.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: js-version,origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.zscaler.com
content-length: 1
content-type: application/json
date: Mon, 06 May 2024 04:12:34 GMT
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
x-amz-apigw-id: XVLMAGd6vHcEZow=
x-amz-cf-id: mj10KsUVBasaseSgbI3_m3zEXwXEWgd0OUfrniDiJhRy1fe_xKOEgA==
x-amz-cf-pop: MUC50-P5
x-amzn-requestid: 12964f70-f8b3-45c7-ad4e-2c9758399585
x-cache: Miss from cloudfront

POST
H2 200 create Show response
st.fullcircleinsights.com/v1/visitors/ 1 KB
2 KB 750ms
749ms XHR
application/json 54.230.228.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Requested by: Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-63.muc50.r.cloudfront.net
Software: /
Resource Hash: 3869c9c38f2f384c6566fe03aacdea042a24043f776c1cd1a8c921a24d44f40e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
js-version: 1.0.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
origin-fci: https://www.zscaler.com
Referer: https://www.zscaler.com/
x-api-key: qJ5ZUG1BW44UIJbuBg8oP93ofs3xOFTZ7XFCqaSv
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
x-amzn-trace-id: Root=1-663858b3-2aa9bd1405750d501b33017a;Parent=28edc0e5173c4e8d;Sampled=0;lineage=7c392b7c:0
x-amzn-requestid: 36761b47-cd76-4a77-a8dc-2fcc9de3ec5d
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
x-amz-apigw-id: XVLMHGDsPHcEW6A=
content-length: 1533
x-amz-cf-id: MpwarXJM9OWa606B4AJ2mYaPMn5_E7XKcdrl2Sa8nS877fGKry46Mg==

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 332ms
108ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1778897272132032&ev=PageView&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&rl=&if=false&ts=1714968754225&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1714968754220.1561943322&cs_est=true&ler=empty&cdl=API_unavailable&it=1714968754013&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=10, mss=1380, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 May 2024 04:12:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET up
insight.adsrvr.org/track/ Frame 35B0 0
0

GET
H3

200

/
www.google.co.il/pagead/1p-conversion/812494211/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&...
https://www.google.com/pagead/1p-conversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=12...
https://www.google.co.il/pagead/1p-conversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=...

42 B
64 B

125ms
122ms

Image
image/gif

142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/pagead/1p-conversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&label=(not%20set)&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&value=0&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=QA&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAgiYwbEC&pscrd=IhMI8cGPu5T4hQMVe_QRCB0q7wcHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vd3d3LnpzY2FsZXIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqE5TMGfzBJSudTrK1ooLb1DUNF22Hcg&eitems=ChAI8NzcsQYQqr6joavG_89hEh0A8oe38LrbQo5pnFKYDPFs4neTDLK-C0Fhy27S8g&random=4144091951&ipr=y

Protocol

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.il/pagead/1p-conversion/812494211/?random=1591838885&cv=11&fst=1714968753884&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&label=(not%20set)&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&value=0&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=QA&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAgiYwbEC&pscrd=IhMI8cGPu5T4hQMVe_QRCB0q7wcHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vd3d3LnpzY2FsZXIuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqE5TMGfzBJSudTrK1ooLb1DUNF22Hcg&eitems=ChAI8NzcsQYQqr6joavG_89hEh0A8oe38LrbQo5pnFKYDPFs4neTDLK-C0Fhy27S8g&random=4144091951&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct Show response
obs.iseaskies.com/ 4 KB
1 KB 1052ms
627ms Script
text/javascript 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/ct?id=60409&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1714968754307&hl=2&op=0&ag=2115704966&rand=045261191506261866528268805759002498024920200915751022129261231711802206911259295517&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM5ODJdLFsiYm5jaCIsMl0sWyJhYm5jaCIsMl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0yNywiWzIwMCwxMCwwLFwiNGdcIixudWxsXSJdLFstOSwiKyJdLFstMTcsIjEyIl0sWy00NiwiMCJdLFstNTMsIjEwMCJdLFstNywiLSJdLFstMTIsIm51bGwiXSxbLTY0LCJbMCxcIldpbjMyXCIsW3tcImJcIjpcIkdvb2dsZSBDaHJvbWVcIixcInZcIjpcIjEyNFwifSx7XCJiXCI6XCJOb3Q6QS1CcmFuZFwiLFwidlwiOlwiOFwifSx7XCJiXCI6XCJDaHJvbWl1bVwiLFwidlwiOlwiMTI0XCJ9XV0iXSxbLTU1LCIxIl0sWy02OCwiLSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTM0LCItIl0sWy0yMCwiMTkzNDg1NTUzOS4xNzE0OTY4NzU0Il0sWy0xLCItIl0sWy0zMSwiZmFsc2UiXSxbLTM1LCJbMTcxNDk2ODc1NDIyOSwtM10iXSxbLTEzLCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy01OCwiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstOCwiLSJdLFstMTAsIi0iXSxbLTE5LCJbODAsODAsODAsODAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjgsImVuLVVTLGVuIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTQ5LCItIl0sWy0xNCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTYsIi0iXSxbLTUyLCItIl0sWy0yOSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTY1LCItIl0sWy01MSwiLSJdLFstMjYsIntcInRqaHNcIjo0ODgzNjcwNCxcInVqaHNcIjozMTU2NzY3NixcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ3LCJBc2lhL0plcnVzYWxlbSxoZS1JTCxsYXRuLGdyZWdvcnkiXSxbLTYyLCI4MCJdLFstMiwiMTAsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstNDUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IscGljdHVyZWlucGljdHVyZSxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxsb2NhbGZvbnRzLG90cGNyZWRlbnRpYWxzLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGNodWFmb3JtZmFjdG9ycyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstNCwiLSJdLFstNSwiLSJdLFstMjEsIi0iXSxbLTQxLCItIl0sWy0zOCwiYywtMSwtMSwxLDAsMTcsMCwwLDEyOSw5OTEsLTEsMCwxNTY0LjEsMTg5Mi4zLDM0OTMsMzQ5MyJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkUFhCa1JVVTFOU1VvREZoWldXeGRRU2x4WVNsSlFYRW9YV2xaVUZsQVdDQW9BREZ3TURWc09DVnNKRDFzTkRRMFBEQTlZQzE4TkNWb0lDZ3dLRGcwWFUwb0RDQU1QRGdrUEFSQT0iXSxbLTIzLCIrIl0sWy00OCwiMCwwIl0sWy01OSwiZGVmYXVsdCJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy02NywiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTI1LCItIl0sWy0zMywiLSJdLFstNjMsIjAiXSxbLTE2LCIwIl0sWy0xNSwiLSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy02MSwie1wid2dzbFwiOlwiNDtyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy0yNCwiW10iXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI4NzI4OTkzMjBcIixcIjkwMTk4MjQzMVwiLFwiMTE3NDk4OTU1OVwiXSxcImRcIjpbXSxcImJcIjpbXCIxMTc2NzI4Nzg3XCIsXCIzMTE0NzA4MjMyXCIsXCJfMVwiLFwiMjQyNTY2NTQwMVwiXSxcInNcIjoxfSJdLFstNTAsIi0iXSxbLTYwLDE3OV0sWy0zMiwiLSJdLFstNDAsIjMzIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbImRkYiIsIjAsMTAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwxLDAsMSwwLDAsMSwxLDIsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsOCwwLDAsMCwwLDAsMSwwLDAiXSxbImNiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMiwwLDAsNywxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw5LDAsMSwwLDAsMCwwLDEsMSwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=EZahPsrnGe&pto=3535&ver=59&gac=1934855539.1714968754&mei=&ap=&fe=1&duid=1.1714968754.2NosyuxHhETkUe64&suid=1.1714968754.lB847ysfFBwC69Rf&tuid=1.1714968754.QFC0roNl5MpaNxiT&fbc=1.1714968754220.1561943322&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiLCJ6c2NhbGVyQmxvZ0F1dGhvcnMiLCJta3RvX2Zvcm1fanMiLCJta3RvX2Zvcm1fcmVuZGVyZWQiLCJta3RvX2Zvcm1fcmVhZHkiLCJuZXh0cm9sbC1yZWFkeSJd&it=122%2C2738%2C444&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=dd523aa00b5e11efabcd29595f0d546b&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: 87edca219af81380a8231439fd41594925fb25517922718abc0dccc3523ac75c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1159
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/812494211/ 42 B
64 B 346ms
121ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/812494211/?random=1714968753878&cv=11&fst=1714968000000&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqO98OcIbP32hWH29JM16EsL0yRzHTvQ&random=533552644&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.il/pagead/1p-user-list/812494211/ 42 B
154 B 121ms
120ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/pagead/1p-user-list/812494211/?random=1714968753878&cv=11&fst=1714968000000&bg=ffffff&guid=ON&async=1&gtm=45be4510v882815967z871607006za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&hn=www.googleadservices.com&frm=0&tiba=Zloader%20%7C%20ThreatLabz&npa=0&pscdl=noapi&auid=842775308.1714968754&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqO98OcIbP32hWH29JM16EsL0yRzHTvQ&random=533552644&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
699 B 353ms
118ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
an-x-request-uuid: 6361202a-ac05-4161-a8d8-9496b4f7ca00
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zscaler.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.187.78.33; 31.187.78.33; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 140ms
121ms XHR
text/html 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-66-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.zscaler.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
281 B 367ms
129ms XHR
text/html 2.18.66.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.66.72 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-66-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.zscaler.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714968754509_34751044_295067372_24_832_55_113_219";dur=1
content-length: 4
expires: Mon, 06 May 2024 04:12:34 GMT

GET
H2 200 www.zscaler.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6635/sampling/ 154 B
237 B 69ms
69ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6635/sampling/www.zscaler.com.json?t=476380
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd075bb03002d1faf233414ca4555bcba7bf1e7ac8b193ce7d7aa391ad4b08a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4429
ce-version: 11.5.202
content-length: 145
last-modified: Mon, 06 May 2024 02:58:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87f621fabe63e3cb-TLV

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 405ms
117ms XHR
application/json 54.230.228.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-9.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 e18c612d6dd4d2546736ebc7db886b6a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 19794547
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: Fdg6bd_etNUfPlaWO9Bsac69cyoaYCOw5mm_WawqKXoSANEp1YWC9w==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
461 B 389ms
116ms XHR
application/json 54.230.228.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-29.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 11933346
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: -p06fW8u6RSqlAqQ-yTT7FFIoUGmAqhwo1cHOPu002iIGFp_7goGOQ==

GET
BLOB 200
OK e581671f-6407-4f55-b2b5-873a6599826d
https://www.zscaler.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/e581671f-6407-4f55-b2b5-873a6599826d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 751 B
718 B 364ms
129ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 3b6688ee1f6273890d262f2f599f2a7b4c078b43fb277c658fd2781428932814

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 1dc729230d6b8d19bab5e6236d81f60c4dca0823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-6s-CustomID: WebTag 6934ae2b-4c76-4229-97d0-8f637b004b88
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 6279519029300821501
date: Mon, 06 May 2024 04:12:35 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.zscaler.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 399

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 374ms
121ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.zscaler.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Mon, 06 May 2024 04:12:34 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 7220432973288964468

GET
BLOB 200
OK 22f3ae97-aa7c-4b31-acaf-bba8fe13c48d
https://www.zscaler.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.zscaler.com/22f3ae97-aa7c-4b31-acaf-bba8fe13c48d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 240ms
231ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:34 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 276ms
267ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22ab9750bca4342498694e239e304dd3a9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221dc729230d6b8d19bab5e6236d81f60c4dca0823%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%226934ae2b-4c76-4229-97d0-8f637b004b88%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:34 GMT

GET
H/1.1

200
OK

XYPZFM5QENHXRH7RBBI5PW.js Show response
s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/
Redirect Chain

https://d.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%...
https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js

7 KB
3 KB

130ms
129ms

Script
text/javascript

18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js
Protocol: HTTP/1.1
Server: 18.173.187.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fc2b8881cc175d02acfc96169583d91391af80c3ede0d35780b633dca2792ca

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: TRI0TsMFkPap7Iq39LvYOmHutiAE..MT
Content-Encoding: gzip
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
Date: Mon, 06 May 2024 04:12:34 GMT
Age: 1547
X-Amz-Cf-Pop: MUC50-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 02 Feb 2024 11:54:49 GMT
Server: AmazonS3
Etag: W/"fef7cfa6684768867feb33cfa899e16d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qEqdr4-qVqF7H4PmYlyFcya2GXLVme6T78t4k9B8jVJVqDvwMWVTjg==

Redirect headers

date: Mon, 06 May 2024 04:12:34 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *
x-segment-eid: XYPZFM5QENHXRH7RBBI5PW
location: https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: 22OEOVE2YNFA3EKSRERISY
x-segment-name: *
x-advertisable-eid: ULSJHTPGTZGY3EPPZSKHKS
x-conversion-currency

GET
H/1.1 200
OK is Show response
44.212.189.233/ 32 B
437 B 777ms
194ms Fetch
text/plain 44.212.189.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://44.212.189.233/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cb=55744261651317496term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.212.189.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-189-233.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 82aac3ca89e85b8e13207f545a591b1bc522138a1c956584fb942e8c82247eab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 clock Show response
tracking.crazyegg.com/ 38 B
145 B 395ms
137ms XHR
text/plain 54.195.89.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1714968754839&tk=80f93ae68d664369d14c6654f4ff8042&s=366477&p=%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&u=976635&v=96b23a9c41b3a3469d0db6fce2dd54fbdb59f958&f=zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ul=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.89.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-89-156.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b85ec3e17f4619963eded7c804deb7bb37174ac37915b048212166ede58ff344

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 06 May 2024 04:12:35 GMT
cache-control: no-store
server: awselb/2.0
content-length: 38
content-type: text/plain

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 121ms
120ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cookie=&adroll_s_ref=&keyw=&p0=2418
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding: gzip
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
Date: Mon, 06 May 2024 04:09:34 GMT
Age: 182
X-Amz-Cf-Pop: MUC50-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jun 2023 16:22:01 GMT
Server: AmazonS3
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: l_SBkRCsdGr6-bI7C_b-D0XXqW1A1dX0X9BIX6EFnMOmMW6jUEPHYA==

GET
H3 200 476377582537549 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 150ms
150ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/476377582537549?v=2.9.155&r=stable&domain=www.zscaler.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

707c1bad90428521a6697654f9dc841a3cf030a8d4fd8150f47545927d8ccada

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 May 2024 04:12:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=106, rtx=0, c=33, mss=1232, tbw=4327, tp=9, tpl=0, uplat=42, ullat=0
pragma: public
x-fb-debug: 5grfuLaDbclu6b0tgDeDYQhRdmFjgTabY+CV+HfYJKB+gFOVqJF0YivN2JT/GA0AIi0c4eI6xF5xSlnOWy4gEQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

43 B
510 B

122ms
121ms

Image
image/gif

35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
Protocol: HTTP/1.1
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Mon, 06 May 2024 04:12:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
Date: Mon, 06 May 2024 04:12:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=9soj_cQrvaGtm72SoN4Eow
https://d.adroll.com/cm/g/in

42 B
822 B

123ms
123ms

Image
image/gif

52.31.17.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 52.31.17.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-17-50.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-ol...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expiration=1746504754
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expiration=1746504754&C=1

43 B
733 B

287ms
286ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expiration=1746504754&C=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjQnNAO8fa8Vnz%2B%2FgE4QRgI3bYY6ZOfHk1PC4MYYJ8%2F35c2Ugzsbb5m%2FZ7ZcLzBi1uECcC0hUFW%2FetMMq5veKbEdv9wkLdpCWdcE0GlQAEOrRc0dkBLftHJel3poZiNd1YEuCd99GlS5iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 87f622014bd4e3ed-TLV
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25ewhJ6058hKZUxOPWObrZUO3%2B6vgT8tDSJLduwSE3ruvPSWe6g3pJ99uOm5ErNK3Igw6Jf8%2BXGpIUS1kaykgKyqSphLgvF7e6koOPIhUamPk3nX5XQ4cwGqcvvvXnvZoCk3qdOB0Lk6zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expiration=1746504754&C=1
cache-control: no-cache
cf-ray: 87f621ff5f9ee3ed-TLV
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://idsync.rlcdn.com/377928.gif?partner_uid=f6ca23fdc42bbda1ad9bbd92a0de04a3
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTMQABoNCLOx4bEGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=ec36aabf990eb8972315ebf525a82957ecac0e70e628345740adb5063e088373791426b5417dce21&_=2

42 B
581 B

333ms
210ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=5324&it=1&iv=ec36aabf990eb8972315ebf525a82957ecac0e70e628345740adb5063e088373791426b5417dce21&_=2
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 06 May 2024 04:12:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pippio.com/api/sync?pid=5324&it=1&iv=ec36aabf990eb8972315ebf525a82957ecac0e70e628345740adb5063e088373791426b5417dce21&_=2
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expires=365

42 B
977 B

451ms
112ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&expires=365
pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=f6ca23fdc42bbda1ad9bbd92a0de04a3&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f6ca23fdc42bbda1ad9bbd92a0de04a3&gdpr=0&gdpr_consent=

43 B
180 B

112ms
111ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f6ca23fdc42bbda1ad9bbd92a0de04a3&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f6ca23fdc42bbda1ad9bbd92a0de04a3&gdpr=0&gdpr_consent=
date: Mon, 06 May 2024 04:12:35 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=&us_privacy=1---

0
360 B

736ms
180ms

Image
text/plain

70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

HTTP/1.1

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Mon, 06 May 2024 04:12:35 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 3ff7e5370fafa4a35ddd702887b89f13
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
542 B

368ms
116ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 06 May 2024 04:12:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
121 B

139ms
139ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.112
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Mon, 06 May 2024 04:12:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.112
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

0
365 B

353ms
114ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 59709

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
pragma: no-cache
date: Mon, 06 May 2024 04:12:34 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-lear...
https://eb2.3lift.com/xuid?mid=4714&xuid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

118ms
118ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 06 May 2024 04:12:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 06 May 2024 04:12:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=e8a81f8997a62993e07441f85c6cbb7e-1714968754573&pv=49800405724.48052&arrfrr=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tr...
https://ib.adnxs.com/setuid?entity=172&code=ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

43 B
1 KB

114ms
114ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
an-x-request-uuid: 8d3fd8b7-8fae-49a1-a4f6-df718a6c5590
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.187.78.33; 31.187.78.33; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
an-x-request-uuid: fcf22480-0a2a-448d-a3fd-cd3612f5d12c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
cache-control: no-store, no-cache, private
x-proxy-origin: 31.187.78.33; 31.187.78.33; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/ Frame 0
0 322ms
249ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.zscaler.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87f621ff1912e3db-TLV
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:12:35 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 89 KB
27 KB 240ms
163ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2827
x-guploader-uploadid: ABPtcPp0K4WVNgjR5G17hEhJZ1S4PphfD3VB575YMEgXHrY5_MKhIsPxmE465lv7tFU-NCDJSTVv-n4UMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Apr 2024 11:22:28 GMT
server: cloudflare
etag: W/"d3b4774a46d8fd50ce9d458b28ae8ef3"
x-goog-hash: crc32c=Su6fug==, md5=07R3SkbY/VDOnUWLKK6O8w==
x-goog-generation: 1713352947933858
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91541
cf-ray: 87f621ff1d3ce3cb-TLV
expires: Mon, 06 May 2024 04:25:28 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/ 3 KB
2 KB 426ms
364ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/64e6fa9ecd8305533d00dac1/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

be2f69ffcfe783832c1641c581de35e6677bab90fbeec90c9cb4e033b8449434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Referer: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
_vtok: MzEuMTg3Ljc4LjMz
_zitok: e2129fc4398ddabb4f671714968754
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.zscaler.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 87f62201099de3df-TLV

GET
H2 200 /
www.facebook.com/tr/ 0
121 B 109ms
107ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=476377582537549&ev=PageView&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&rl=&if=false&ts=1714968755011&cd[segment_eid]=XYPZFM5QENHXRH7RBBI5PW&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4125&fbp=fb.1.1714968754220.1561943322&ler=empty&cdl=API_unavailable&it=1714968754013&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=10, mss=1380, tbw=3123, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 May 2024 04:12:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 189ms
189ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=https%3A%2F%2Fepsilon.6sense.com&q=%7B%22name%22%3A%22https%3A%2F%2Fepsilon.6sense.com%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A3713.6000003814697%2C%22duration%22%3A738.7999992370605%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22deliveryType%22%3A%22%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A3713.6000003814697%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22firstInterimResponseStart%22%3A0%2C%22responseEnd%22%3A4452.39999961853%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%2C%22metadata%22%3A%7B%22region%22%3A%22eu-central-1a%22%7D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=&d=1&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:35 GMT

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 73ms
73ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Apr 2024 18:51:06 GMT
server: cloudflare
age: 465327
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87f62200887fe3df-TLV
content-length: 8015

GET
BLOB 200
OK 1d761518-d1ac-497a-8a31-53efe72ed4d8
https://www.zscaler.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/1d761518-d1ac-497a-8a31-53efe72ed4d8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d02633239369d04c8812eff65b6c3fad7d08525efd85d2451de2a4bac9f0cfb

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 244ms
244ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.zscaler.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87f622008b9de3db-TLV
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:12:35 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 321 B
618 B 246ms
245ms Fetch
application/json 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7b2a1e7ec66641ad958a36774552cc40712f052e2db6542cacc01fd2dbcde58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 370c892e688e1744cd312ed1426b3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"141-mLq6O+j3ZcyvZxAx4AvrvpOh24w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zscaler.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 87f622021b7fe3df-TLV

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 239ms
239ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.zscaler.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 46D93EAFA1934A66AD2925F18C59117F Ref B: TLV30EDGE0321 Ref C: 2024-05-06T04:12:35Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.zscaler.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYXwUd3lx6jSnFWqnOBTg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 185ms
184ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A34%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:35 GMT

GET
H2 200 3662e64da986368bbac2da241549a35b.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 78ms
78ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/3662e64da986368bbac2da241549a35b.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6635.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31fc7b35533d223ce9b8820fa8f3afe418a927272c5300f3a01129e40b959365

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 28 Mar 2024 14:28:46 GMT
server: cloudflare
age: 465326
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87f62201098ce3df-TLV
content-length: 30716

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
147 B 7637ms
7637ms XHR
application/json 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Mon, 06 May 2024 04:12:42 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 tc_imp.gif
obs.iseaskies.com/tracker/ 43 B
79 B 197ms
196ms Image
image/gif 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.iseaskies.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126beace33e2408f989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5811896d2e17071a10acf9f29f674fd483d8032b3f48fa2d70518539d830c551635626c250515f67010e95be3a4777be26bb25cb43e2903aee5367ab132a720fd950fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400035db386ee683e99332bd06b442c316f0496f70bfc72f02431e24f97999c140ab51258fc6e279126332a5de6c7fd6d5431f28406f0715a7902c701e56f2ab0b2093aef6298ee35d60013ee9f3e4869265bc8bdd5aee03945a6b609cec9db6f43497dceb3e92340dd2fec17d111ef16868ba8c063abbcaf1768a04fb4eae965d8013d9c56d9c7c71d6da2dc77ad795afedc5acb04876a36da8e8a5744e66e08c34d3ab01e61603438e1913989284d9c6ff9531c267c890b88b7ee96c343a837b3b9885de4329d6a765bb0ae69a5cd639ef7b450b0c9f78ff1ddbc4bf72b4c760964dbcc19cda27d6196f43bd1054533e112d89ec74b7058c9ac964b59961fa803cdd92a9a63dcffea75e6c3ed0a91e0a9bbb0a4e09f1eff43ffb6488e04eb1f232a02bf142c90a814a93d168d51035e5a79162373a650629024216ade08865d40ab0404a5135eae21dacc44159a0fca6eeae66d0ecfafd81f9abf84d473bfe4384b459708246631ade675e726ef469b3645b9ef9cb088963de3988a92ad1b90d997b0f3d21027c139fdce5db3c7b5186194595d3dea7b1ca530596acbc7d96cd7b67d9d2123f68e590d95622b53b845f9f19e4239a12dbcb1be4bb32e29e88ce995b7fece8387f9f75a184acb6179f68280b0692685f4db7a35e93f112ca9df6d44699c2de671c3d55bf23aa02ab51bb87619137473f4344223ca81fc6f96b20dd34a5f2f331cbd35fcf312afb03763e9ef6d00d5bea78f38617df032f5c38b43f2bcbec811eb9104d9c8c71f7cdc1edc4078309472807f36924559d94055ab23be2fadf4cf9a0ec4c0202fe6f5d4855b15f09828bf20a53d03463d9fcea5ddb96fe964b28ba2ca9533b129d327c2c84945d1ed5b4b681bbed4df330a772c77194cd10ceeefb222bfdc61d938cb4b3d8e1969061009eec26569223804ac01cf3ee2bb4dd929622e394dff9e75424d7b2b3bc51cb578b5b0a704d2b99d22b3cdc79f80c96983cac142ee56559d222eacd0634d73b2f421ec5aa8f3f8f8d0f7e3a1261&cri=EZahPsrnGe&ts=1065&cb=1714968755372
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 06 May 2024 04:12:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 9721d4d2-bf38-497f-8f36-90536d55833f
https://www.zscaler.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/9721d4d2-bf38-497f-8f36-90536d55833f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69230a9b125585537d41b492b7596df11355916307d043175461885a75133f6f

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 8221e346-cc7a-4199-80ca-49197f6abfbc
https://www.zscaler.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.zscaler.com/8221e346-cc7a-4199-80ca-49197f6abfbc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df4251e4c53e24adae0b8eced1b527d8b8b3b49ad9cd0095eb1db8649bdf5ece

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 1043ms
262ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1934855539.1714968754&shpt=Zloader%20%7C%20ThreatLabz&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221714968753%22%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221934855539.1714968754%22%2C%22shpt%22%3A%22Zloader%20%7C%20ThreatLabz%22%2C%22dcm_cid%22%3A%221934855539.1714968754%22%2C%22mntnis%22%3A%22Gwvh7MyEA30i%2FG7G0oVn1j6Oxg1VqXH%2B%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1934855539.1714968754&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221714968753%22%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cb=55744261651317496term%3Dvalue&shoid=%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&shadditional=language%3Den%2Cgoogletagmanager%3Dtrue%2Cadroll%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&cb=55744261651317496term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 4dcb217d2369424e25e264e0d289d19f26906aa74d349444ffbc018e7b69b098

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:36 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

OPTIONS
H2 200 queue
st.fullcircleinsights.com/v1/visits/ Frame 0
0 708ms
708ms Preflight
application/json 54.230.228.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-63.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: js-version,origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.zscaler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci,js-version
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.zscaler.com
content-length: 1
content-type: application/json
date: Mon, 06 May 2024 04:12:36 GMT
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
x-amz-apigw-id: XVLMOGaTvHcEEZw=
x-amz-cf-id: 2ANZ4LC-hFEkJw5dQvg3NdC3Kdcgqp3TK2-Ts7j0LymRqKezZPIiNA==
x-amz-cf-pop: MUC50-P5
x-amzn-requestid: d0048d17-a6a8-4e3b-a80e-43a952adc011
x-cache: Miss from cloudfront

POST
H2 200 queue Show response
st.fullcircleinsights.com/v1/visits/ 2 KB
3 KB 798ms
797ms XHR
application/json 54.230.228.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Requested by: Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=731c316a-c46e-4a94-81a9-7cfc0ea0d53e&domain=zscaler.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-63.muc50.r.cloudfront.net
Software: /
Resource Hash: 0dd67b3fa7cd365b47d70417a542803a6fc38a76a10f252dfda9910f8cba67d9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
js-version: 1.0.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
origin-fci: https://www.zscaler.com
Referer: https://www.zscaler.com/
x-api-key: qJ5ZUG1BW44UIJbuBg8oP93ofs3xOFTZ7XFCqaSv
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:37 GMT
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
x-amzn-trace-id: Root=1-663858b5-5e63dc2f7eecfad462cab2de;Parent=4dec7546596182a8;Sampled=0;lineage=adebd93c:0
x-amzn-requestid: 261a318a-f391-446e-ac23-b32bdafa73e9
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.zscaler.com
x-amz-apigw-id: XVLMVHdGvHcED0w=
content-length: 2141
x-amz-cf-id: kZAY2HGJwVjxIe0tjg_bR24b10GMnfwAJiUjg25ejawZBUQIHIZw2g==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 193ms
193ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A35%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:36 GMT

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
39 B 7911ms
7910ms XHR
application/json 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Mon, 06 May 2024 04:12:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
16 B 7944ms
7941ms XHR
application/json 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Mon, 06 May 2024 04:12:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 1050ms
260ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8e207460283c3f2dc60ef835e79f0f76235bfefa37445f75cb5b9e2edb654364

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:37 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 186ms
186ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A36%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:37 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 5 KB
2 KB 796ms
280ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-10SPJ4YJL9%3BUA-6177009-1&ga_client_id=1934855539.1714968754&shpt=Zloader%20%7C%20ThreatLabz&ga_info=%7B%22status%22%3A%22OK%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221714968753%22%7D%5D%2C%22hardcoded_ga%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_tracking_id%22%3A%22G-10SPJ4YJL9%3BUA-6177009-1%22%2C%22ga_client_id%22%3A%221934855539.1714968754%22%2C%22shpt%22%3A%22Zloader%20%7C%20ThreatLabz%22%2C%22dcm_cid%22%3A%221934855539.1714968754%22%2C%22mntnis%22%3A%22Gwvh7MyEA30i%2FG7G0oVn1j6Oxg1VqXH%2B%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1934855539.1714968754&available_ga=%5B%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221714968753%22%7D%5D&hardcoded_ga=G-10SPJ4YJL9%3BUA-6177009-1&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&shoid=%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&shadditional=language%3Den%2Cgoogletagmanager%3Dtrue%2Cadroll%3Dtrue%2Cga4%3Dtrue&cb=1714968756320560&shguid=e6c00a6d-fa76-3680-9fe8-2d44150a9fb4&shgts=1714968757377
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 924e0302d89e3c2427e7676e8ca9bd499d4e68df3fdb92e628d212f20622db4c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:38 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 17
connection: close

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 302 KB
92 KB 351ms
225ms Script
application/javascript 104.22.1.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.zscaler.com
URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8dc91f5244ac28a3cea99ad5b7056f0f067c70e4d61402a226ae1c3603a7d6c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqS_aaHkM6HpVO-0xg6YrnegUFtwZ6-0yENAQ_OM081hRZxp9vxpPRaF5gC29ghYNS8fi0
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Tue, 23 Apr 2024 06:25:11 GMT
server: cloudflare
etag: W/"6444aafe6fb5235f1abe3bbc4c601cd3"
vary: Accept-Encoding
x-goog-hash: crc32c=r81Twg==, md5=ZESq/m+1I18avju8TGAc0w==
x-goog-generation: 1713715004064626
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 309248
cf-ray: 87f622123bb4e3cb-TLV
expires: Tue, 06 May 2025 04:12:38 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 187ms
187ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:38 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:38 GMT

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
39 B 8471ms
8469ms XHR
application/json 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Mon, 06 May 2024 04:12:46 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/zscaler.com/ 163 B
708 B 368ms
241ms Fetch
application/json 172.67.11.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/zscaler.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.11.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20594a73ecbdcb15e351a97aaed3f415fd3872c916d10a452bcb23b6329a06f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:12:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPr3cHNcKNxiVExri3qd5QedrvVPyJXMx2Hv2r7RWKkzIz14Hclw-2YYQqWWqbBxpWCK5D1O5_EwqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 20 Feb 2024 16:21:37 GMT
server: cloudflare
etag: W/"1abca27397efc7e08a17533c485a8b59"
vary: Accept-Encoding
x-goog-hash: crc32c=cr7nwQ==, md5=Gryic5fvx+CKF1M8SFqLWQ==
x-goog-generation: 1708446097855326
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 87f6221e9fbae3db-TLV
expires: Tue, 06 May 2025 04:12:40 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 113ms
112ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je4510v883639532z871607006za200&_p=1714968752957&gcd=13l3l3l3l1&npa=0&dma=0&cid=1934855539.1714968754&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=8&sid=1714968753&sct=1&seg=0&dl=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&dt=Zloader%20%7C%20ThreatLabz&en=form_interaction&ep.allowLinker=true&ep.cookieDomain=auto&ep.firmographic_name_domain=(not%20set)%20((not%20set))&ep.firmographic_location=(not%20set)%3B%20(not%20set)%3B%20(not%20set)%3B%20&ep.firmographic_revenue=(not%20set)&ep.firmographic_employee=(not%20set)&ep.content_group=Blogs&ep.blog_parent_category=Security%20Research&ep.blog_published_date=20240429&ep.blog_child_category=Threatlabz%20Research&ep.author_name=Santiago%20Vicente&ep.nid=77891&epn.hit_timestamp=1714968753767&ep.site_classification=marketing&ep.page_language=en&ep.page_url=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&ep.loading_time_seconds=0&ep.form_interaction=mkto_form_ready&epn.event_label=7971&_et=2&tfd=9179
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zscaler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 192ms
191ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A38%20GMT%22%2C%22timeSpent%22%3A%221623%22%2C%22totalTimeSpent%22%3A%225629%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:40 GMT

POST mon
obs.iseaskies.com/ 0
0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 185ms
185ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A39%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226631%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:41 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 190ms
189ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A40%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227632%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:42 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 186ms
186ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A41%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%228633%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:43 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:43 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 185ms
185ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A42%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229634%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:44 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 188ms
188ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A43%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%2210636%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:45 GMT

POST
H2 200 mon Show response
obs.iseaskies.com/ 0
39 B 225ms
224ms XHR
application/json 50.16.211.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.iseaskies.com/mon
Requested by: Host: ob.iseaskies.com
URL: https://ob.iseaskies.com/i/1395e54b70b06b444656a2f40c135374.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-211-97.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.zscaler.com
date: Mon, 06 May 2024 04:12:45 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 186ms
186ms Image
image/gif 2.18.66.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=e52f1725-fd8c-4870-8884-bafa0cf6422a&session=1963af2b-ecca-42b1-8fd0-3d146371379b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20May%202024%2004%3A12%3A44%20GMT%22%2C%22timeSpent%22%3A%223001%22%2C%22totalTimeSpent%22%3A%2213637%22%7D&isIframe=false&m=%7B%22description%22%3A%22Technical%20Analysis%20%7C%20Zloader%20revives%20an%20old%20ZeuS-inspired%20anti-analysis%20feature%2C%20implementing%20unique%20execution%20restrictions.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Zloader%20%7C%20ThreatLabz%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&pageViewId=8ef971b1-be01-457a-8afe-c2f52a898108&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.66.162 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-66-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.zscaler.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:12:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 06 May 2024 04:12:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/tags.js

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/295014050

Domain: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&upid=27hmsyx&upv=1.1.0

Domain: obs.iseaskies.com
URL: https://obs.iseaskies.com/mon

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.zscaler.com/	1970-01-20 20:22:50	Name: __cf_bm Value: b_4l012OhoMkCcQxNmjLJCTlSdPKLYbhaPSlF22LHZM-1714968752-1.0.1.1-OzEAZ24eMgpW2qV5S2bH_UGOcGeiNiyTF1YWF6oQOa6MbS7y4Dl.tphPP75T5cZNWnzvVMyy3N4joVN4eRYZ.g
.www.zscaler.com/	1970-01-21 05:08:24	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+May+06+2024+07%3A12%3A33+GMT%2B0300+(%D7%A9%D7%A2%D7%95%D7%9F+%D7%99%D7%A9%D7%A8%D7%90%D7%9C+(%D7%A7%D7%99%D7%A5))&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&consentId=de540630-e3b6-437e-b2ea-89d46f768e1f&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.zscaler.com%2Fblogs%2Fsecurity-research%2Fzloader-learns-old-tricks&groups=C0004%3A0%2CC0001%3A1%2CC0005%3A0%2CC0002%3A0%2CC0003%3A0&hosts=H118%3A0%2CH36%3A1%2CH101%3A0%2CH150%3A0%2CH151%3A0%2CH129%3A0%2CH152%3A0%2CH52%3A0%2CH154%3A0%2CH133%3A0%2CH155%3A0%2CH156%3A0%2CH8%3A0%2CH157%3A0%2CH158%3A0%2CH159%3A0%2CH104%3A0%2CH160%3A0%2CH161%3A0%2CH162%3A0%2CH163%3A0%2CH164%3A0%2CH105%3A0%2CH14%3A0%2CH149%3A0%2CH146%3A0%2CH166%3A0%2CH40%3A0%2CH15%3A0%2CH168%3A0%2CH17%3A0%2CH170%3A0%2CH171%3A0%2CH172%3A0%2CH173%3A0%2CH63%3A0%2CH124%3A0%2CH174%3A0%2CH175%3A0%2CH176%3A0%2CH177%3A0%2CH178%3A0%2CH134%3A0%2CH135%3A0%2CH179%3A0%2CH147%3A0%2CH180%3A0%2CH136%3A0%2CH189%3A0%2CH181%3A0%2CH182%3A0%2CH108%3A0%2CH83%3A0%2CH183%3A0%2CH131%3A0%2CH184%3A0%2CH113%3A0%2CH186%3A0%2CH115%3A0%2CH33%3A0%2CH34%3A0%2CH187%3A0%2CH188%3A0%2CH120%3A1%2CH59%3A1%2CH88%3A1%2CH98%3A1%2CH141%3A1%2CH109%3A1%2CH45%3A1%2CH46%3A1%2CH100%3A1%2CH79%3A1%2CH132%3A1%2CH119%3A0%2CH12%3A0%2CH123%3A0%2CH4%3A0%2CH102%3A0%2CH76%3A0%2CH103%3A0%2CH82%3A0%2CH60%3A0%2CH96%3A0%2CH167%3A0%2CH20%3A0%2CH22%3A0%2CH97%3A0%2CH139%3A0%2CH121%3A0%2CH65%3A0%2CH110%3A0%2CH111%3A0%2CH112%3A0%2CH185%3A0%2CH114%3A0%2CH153%3A0%2CH144%3A0%2CH106%3A0%2CH140%3A0%2CH165%3A0%2CH169%3A0%2CH145%3A0%2CH130%3A0%2CH31%3A0%2CH116%3A0&genVendors=
.zscaler.com/	1970-01-20 22:32:24	Name: _gcl_au Value: 1.1.842775308.1714968754
.techtarget.com/	1970-01-20 20:22:50	Name: __cf_bm Value: 5GtGF1c9rBndACnakky8ivf7n519_OyB1E.cj9dHMW0-1714968753-1.0.1.1-4UVvCHNtwiiORfqxoNrdnW3Ei0xGFH9IcK3FFbrUnOh5NOCrWb2uNGIxvYHOLNGR6tFAbk.ZtXS3H3Vw1CGqMg
.zscaler.com/	1970-01-21 05:58:48	Name: _ga Value: GA1.1.1934855539.1714968754
.zscaler.com/	1970-01-21 05:58:48	Name: _ga_10SPJ4YJL9 Value: GS1.1.1714968753.1.0.1714968753.60.0.0
.zscaler.com/	1970-01-20 20:24:15	Name: _uetsid Value: dd51f3300b5e11ef822b9b25fd5aadc6
.zscaler.com/	1970-01-21 05:44:24	Name: _uetvid Value: dd523aa00b5e11efabcd29595f0d546b
www.zscaler.com/	1970-01-21 05:08:24	Name: __pdst Value: 79b35afebaba4b5c9bc8b2f085b267e5
info.zscaler.com/	1969-12-31 23:59:59	Name: BIGipServerabmweb-nginx-app_https Value: !ZFEjPKu1dMI0mO7agI9xdiUvaZp4gjNvnRA68S54jiE4plq+SjlXU7PDXVFAdOOE0vBgCf7BXbgKRg==
.zscaler.com/	1969-12-31 23:59:59	Name: _fcdscst Value: MTcxNDk2ODc1NDIwMw==
.zscaler.com/	1970-01-20 22:32:24	Name: _fbp Value: fb.1.1714968754220.1561943322
.zscaler.com/	1970-01-20 22:34:12	Name: _cq_duid Value: 1.1714968754.2NosyuxHhETkUe64
.zscaler.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1714968754.lB847ysfFBwC69Rf
.zscaler.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.zscaler.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.doubleclick.net/	1970-01-21 05:58:48	Name: IDE Value: AHWqTUlC-nHnbSIvZWLs0j6B3LS0otivKekHOrTDUCJS3cC_8ivHfvNPW_GK4eeLkh4
.doubleclick.net/	1970-01-21 00:42:00	Name: receive-cookie-deprecation Value: 1
www.zscaler.com/	1970-01-21 05:58:48	Name: _gd_visitor Value: e52f1725-fd8c-4870-8884-bafa0cf6422a
www.zscaler.com/	1970-01-20 20:23:03	Name: _gd_session Value: 1963af2b-ecca-42b1-8fd0-3d146371379b
.linkedin.com/	1970-01-20 22:32:24	Name: li_sugr Value: 846b7e33-222d-4d70-8520-06fc2be17873
.linkedin.com/	1970-01-21 05:08:24	Name: bcookie Value: "v=2&3f98b4f6-f06c-46a9-8823-867bd545b666"
.linkedin.com/	1970-01-20 20:24:15	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3015:u=1:x=1:i=1714968754:t=1715055154:v=2:sig=AQH_ENCyqtS7yxwCrqTcrPsLhzTv6Dmp"
.d.adroll.com/	1970-01-21 05:51:36	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 05:51:36	Name: receive-cookie-deprecation Value: 1
.www.zscaler.com/	1970-01-21 05:08:46	Name: __adroll_fpc Value: e8a81f8997a62993e07441f85c6cbb7e-1714968754573
.adnxs.com/	1970-01-21 05:58:48	Name: receive-cookie-deprecation Value: 1
www.zscaler.com/	1970-01-20 20:32:53	Name: _an_uid Value: 0
.linkedin.com/	1970-01-20 21:06:00	Name: UserMatchHistory Value: AQL9pScGkkamGQAAAY9MGnnqb9R84SRbWq9bjBoSJlSG4HZH4WHyElH2pMZOhXgL6W43cb75_jpNWw
.linkedin.com/	1970-01-20 21:06:00	Name: AnalyticsSyncHistory Value: AQIYbysB8NbQBgAAAY9MGnnr1_kGs-c1ZKtfL_MuETlEQ1-6jAn56b02hLAwUmkpJy3vPRo11VYaZ7EpxXyVtw
.zscaler.com/	1970-01-20 20:24:15	Name: _ce.clock_event Value: 1
.www.zscaler.com/	1970-01-21 05:08:24	Name: __ar_v4 Value: %7CULSJHTPGTZGY3EPPZSKHKS%3A20240505%3A1%7C22OEOVE2YNFA3EKSRERISY%3A20240505%3A1%7CXYPZFM5QENHXRH7RBBI5PW%3A20240505%3A1
.www.zscaler.com/	1970-01-21 05:08:24	Name: _zitok Value: e2129fc4398ddabb4f671714968754
.www.linkedin.com/	1970-01-21 05:08:24	Name: bscookie Value: "v=1&20240506041234b25d5c34-d1c3-40cd-89e6-35fe0f46bd9dAQEN6Fw8ypT7VOFnM_ZJkLNCL7SO-y48"
.zoominfo.com/	1970-01-20 20:22:50	Name: __cf_bm Value: 8n62e_Sz4rp81XvXm7xiBQ424wLhG2CH_Kb8PF0CJvo-1714968755-1.0.1.1-cdFT2IGNzXzRXA2IN22_DVzq3C4VnOMr9A5MrEYd6HUDZmTkvleEv4SPURTk_MKmAU19oRmn3eKKXgjPx.B2EA
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .hWXsDXZ5POq8SgkP99FjDBmPKQ3PysxBWrT7X3cJlg-1714968755157-0.0.1.1-604800000
.rlcdn.com/	1970-01-21 05:08:24	Name: rlas3 Value: qq2X2CPr+Bb3x0IzIp1uSrbzVrcSyN5ImdlJ0sMN/qQ=
.zscaler.com/	1970-01-20 20:24:15	Name: _ce.clock_data Value: 66%2C31.187.78.33%2C1%2Ca16ddaab909d2cf27fce353f26dd2ff2
.zscaler.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.adnxs.com/	1970-01-20 22:32:24	Name: XANDR_PANID Value: 3NHvEB3-SI0eAalCgto_3EmnzwUshyv6uwA_j0JcbdH3D-s1x9DefBio-5V2mWYP1uks00znzmfgShHJaPPZ2Yz1BpueQ7jrF-xYEatscxU.
.adnxs.com/	1970-01-20 22:32:24	Name: uuid2 Value: 5875359360647617125
.zscaler.com/	1970-01-21 05:08:24	Name: _ce.s Value: v~96b23a9c41b3a3469d0db6fce2dd54fbdb59f958~lcw~1714968755254~lva~1714968754412~vpv~0~v11.cs~366477~v11.s~de151650-0b5e-11ef-a5b2-8738b11a08fb~lcw~1714968755255
.openx.net/	1970-01-21 05:08:24	Name: i Value: bc165102-2ad5-42ad-acda-2b123fea7a3f\|1714968755
obs.iseaskies.com/	1970-01-21 04:26:39	Name: cg_uuid Value: 6f0a470c4e7e227b2ecc5a2a0b5ac0a8
.casalemedia.com/	1970-01-21 05:08:24	Name: CMID Value: ZjhYs4sFVlMAAAtDAcSxygAA
.casalemedia.com/	1970-01-20 22:32:24	Name: CMPS Value: 5003
.casalemedia.com/	1970-01-20 22:32:24	Name: CMPRO Value: 5003
.adnxs.com/	1970-01-20 22:32:24	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2In>iDsXG!]tbPl@/@8$-^=$U_hB2@-!ShF5vtO>rVe6A^za>pnszBMO%pA``nK'K6C?l+/wYLwJL^NF>`'qcih3If)y3KL9D3I?+in$XU7
.rlcdn.com/	1970-01-20 21:49:12	Name: pxrc Value: CLOx4bEGEgUI6AcQABIFCOhHEAA=
.taboola.com/	1970-01-21 05:08:24	Name: t_gid Value: 22f9b885-82ac-4b08-b3a4-d7622e0ab007-tuctd31de33
.taboola.com/	1970-01-21 05:08:24	Name: t_pt_gid Value: 22f9b885-82ac-4b08-b3a4-d7622e0ab007-tuctd31de33
.3lift.com/	1970-01-20 22:32:24	Name: tluidp Value: 2395404890093252199954
.3lift.com/	1970-01-20 22:32:24	Name: tluid Value: 2395404890093252199954
.pubmatic.com/	1970-01-20 22:32:24	Name: KRTBCOOKIE_10 Value: 22808-ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&KRTB&22883-ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM&KRTB&23504-ZjZjYTIzZmRjNDJiYmRhMWFkOWJiZDkyYTBkZTA0YTM
.pubmatic.com/	1970-01-20 21:06:00	Name: PugT Value: 1714968754
.rubiconproject.com/	1970-01-21 05:08:24	Name: khaos Value: LVUG48MY-22-L71M
.rubiconproject.com/	1970-01-21 05:08:24	Name: audit Value: 1\|TDe9rxcqJkR8+emGkTIQJbg0XK1kO3y0RGVelS21m0J+4SNCS7h+Y2SMgvP2UDFyT90DONLpDTKM1KxoLazIt7kxm0k08nop+R4DB+iLIkEKnVzRaz9J50Je/vQy9H+pu1qmXYiC8Yv5wnP0vyx0fUugfSj3xmRmcOGU5ZUahUvuJDUa07rbBw5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/	1970-01-20 22:32:24	Name: receive-cookie-deprecation Value: 1
.bidswitch.net/	1970-01-21 05:08:24	Name: tuuid Value: fff488f9-dd76-42f7-9f7d-5c70890b2a0d
.bidswitch.net/	1970-01-21 05:08:24	Name: c Value: 1714968755
.bidswitch.net/	1970-01-21 05:08:24	Name: tuuid_lu Value: 1714968755
.d.adroll.com/	1970-01-21 05:51:36	Name: __adroll Value: f6ca23fdc42bbda1ad9bbd92a0de04a3-g_1714968755-a_1714968754
.adroll.com/	1970-01-21 05:51:36	Name: __adroll_shared Value: f6ca23fdc42bbda1ad9bbd92a0de04a3-g_1714968755-a_1714968754
.yahoo.com/	1970-01-21 05:08:46	Name: A3 Value: d=AQABBLNYOGYCEGVwGcyKN88m_JJs7GSWs9sFEgEBAQGqOWZCZl5DyyMA_eMAAA&S=AQAAAkbdTvH1tt9MuCxoB6uwYb0
.analytics.yahoo.com/	1970-01-21 05:08:24	Name: IDSYNC Value: 1770~2i9g
.pippio.com/	1970-01-21 05:08:24	Name: did Value: beUBBNYTivPWRNSM
.pippio.com/	1970-01-21 05:08:24	Name: didts Value: 1714968755
.pippio.com/	1970-01-20 21:49:12	Name: nnls Value:
.pippio.com/	1970-01-20 21:49:12	Name: pxrc Value: CAA=
.zscaler.com/	1970-01-21 05:58:48	Name: _fcdscv Value: eyJDdXN0b21lcklkIjoiNzMxYzMxNmEtYzQ2ZS00YTk0LTgxYTktN2NmYzBlYTBkNTNlIiwiVmlzaXRvciI6eyJFbWFpbCI6bnVsbCwiRXh0ZXJuYWxWaXNpdG9ySWQiOiIwNTM2NTcwNy03ZDBlLTQ1NDAtYTFjNy1iOWUzNDkyMjA1ODEifSwiVmlzaXRzIjpbXSwiQWN0aXZpdGllcyI6W10sIkRpYWdub3N0aWNNZXNzYWdlIjpudWxsfQ==
.mountain.com/	1970-01-21 05:58:48	Name: guid Value: deb7e6f0-0b5e-11ef-b794-07275670b837
.px.mountain.com/	1970-01-21 05:58:48	Name: tt Value: "H4sIAAAAAAAAAKtW8guKNzYyNrKMN7IwtlCyMtBBEjG3NAaLICswNDc0sTSzMDe1MDS10FEqU7IyqgUAmuPkPEYAAAA="
.mountain.com/	1970-01-21 05:58:48	Name: rt Value: "MzIzMjk6MTcxNDk2ODc1OA=="

164 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK(Line 705) Message: Refused to load the script 'https://tag.clearbitscripts.com/v1/pk_4076c50391dc25ee5135d900b5939610/tags.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://bat.bing.com/p/action/295014050.js(Line 30) Message: Refused to load the script 'https://www.clarity.ms/tag/uet/295014050' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net *.jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://connect.facebook.net/signals/config/1778897272132032?v=2.9.155&r=stable&domain=www.zscaler.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://www.zscaler.com/9721d4d2-bf38-497f-8f36-90536d55833f(Line 1) Message: Error
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: The resource https://www.zscaler.com/_next/image?url=https%3A%2F%2Fwww.zscaler.com%2Fsites%2Fdefault%2Ffiles%2Fimages%2Fblogs%2Fzloader_cover_image.jpeg&w=3840&q=75 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src 'self' fast.wistia.com https: data: blob:; script-src 'self' 'unsafe-inline' https://ob.iseaskies.com https://obs.iseaskies.com .mountain.com https://netlify-rum.netlify.app j.6sc.co .adroll.com snap.licdn.com cdn.bizible.com cdn.pdst.fm connect.facebook.net trk.techtarget.com t.sf14g.com .marketo.net js.adsrvr.org .crazyegg.com https://cdnjs.cloudflare.com https://.cloudfront.net https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://sidebar.bugherd.com http://info.zscaler.com 'unsafe-eval' 'unsafe-inline' bat.bing.com https://widget.usersnap.com/ http://fast.wistia.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ https://resources.usersnap.com/ https://www.googletagmanager.com/gtag/ http://pipedream.wistia.com/ https://www.google-analytics.com/ https://cdn.acsbapp.com https://acsbapp.com https://www.googletagmanager.com js.driftt.com js.adsrvr.org assets.adobedtm.com bugcrowd.com .bugcrowdusercontent.com .googleadservices.com https://twin-iq.kickfire.com https://www.rumiview.com .linkedin.oribi.io gateway.zscalertwo.net .jquery.com www.youtube.com https://js.zi-scripts.com https://ws-assets.zoominfo.com https://ws-assets.zoominfo.com 'unsafe-eval' https://api.intellimize.co https://cdn.intellimize.co; font-src 'self' data: https://fonts.gstatic.com http://fonts.gstatic.com https://fast.wistia.com/assets https://acsbapp.com; style-src 'self' 'unsafe-inline' http://info.zscaler.com http://fonts.googleapis.com https://www.googletagmanager.com; connect-src 'self' blob: 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 35.83.209.52 44.238.33.223 54.190.217.118 44.240.152.58 54.69.255.140 52.88.179.26 34.238.149.65 52.7.151.245 44.209.137.118 35.81.173.170 34.210.219.79 52.37.218.4 52.42.124.195 52.89.99.220 35.85.106.161 44.235.191.156 52.12.117.226 35.81.162.201 34.212.4.35 https://ingesteer.services-prod.nsvcs.net fast.wistia.com https://google.com https://www.google.com www.google.co.in secure.adnxs.com cdn.linkedin.oribi.io .cloudfunctions.net ibc-flow.techtarget.com .mktoresp.com bat.bing.com .crazyegg.com .6sc.co st.fullcircleinsights.com https://.google-analytics.com https://region1.analytics.google.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://cms.zscaler.com https://www.zscaler.com https://sockjs.pusher.com wss://ws-mt1.pusher.com https://sessions.bugsnag.com https://.acsbapp.com https://.wistia.com https://.litix.io https://embedwistia-a.akamaihd.net http://pipedream.wistia.com/ https://www.google-analytics.com/ https://analytics.google.com https://stats.g.doubleclick.net https://ba5832d1af5a45e6ad89599ab3f2054d.us-central1.gcp.cloud.es.io https://www.googletagmanager.com .6sense.com .linkedin.oribi.io https://adservice.google.com http://embed.wistia.com https://px.ads.linkedin.com/ws https://www.facebook.com/tr/ https://px.ads.linkedin.com/wa/ https://acsbapp.com/apps/app/dist/js/locale/en-loader.json https://js.zi-scripts.com https://ws.zoominfo.com https://ws.zoominfo.com https://log.intellimize.co https://api.intellimize.co ob.iseaskies.com obs.iseaskies.com; media-src https://cms.zscaler.com https://fast.wistia.com/embed/ https://fast.wistia.com/assets/ blob: https://embedwistia-a.akamaihd.net https://embed-cloudfront.wistia.com js.driftt.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com; worker-src 'self' blob: ; frame-src 'self' blob: e.issuu.com insight.adsrvr.org www.facebook.com staging.visualize-roi.com https://www.visualize-roi.com https://.doubleclick.net https://bugcrowd.com https://fast.wistia.com https://fast.wistia.net http://info.zscaler.com https://sidebar.bugherd.com js.driftt.com insight.adsrvr.org match.adsrvr.org www.youtube.com https://zscaler.my.site.com/ https://zscalergov.my.site.com/ https://api.intellimize.co https://117186981.intellimizeio.com/; frame-ancestors 'self' https://testmydefenses.com https://www.testmydefenses.com https://zscalerext.okta.com https://cms.zscaler.com https://zscalergov.my.site.com/;
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN https://cms.zscaler.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

117186981.intellimizeio.com
8541430.fls.doubleclick.net
acsbapp.com
analytics.google.com
api.intellimize.co
assets-tracking.crazyegg.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.acsbapp.com
cdn.cookielaw.org
cdn.intellimize.co
cdn.pdst.fm
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d2i34c80a0ftze.cloudfront.net
dsum-sec.casalemedia.com
dx.mountain.com
eb2.3lift.com
epsilon.6sense.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gs.mountain.com
ib.adnxs.com
ibc-flow.techtarget.com
idsync.rlcdn.com
image2.pubmatic.com
info.zscaler.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.zi-scripts.com
log.intellimize.co
munchkin.marketo.net
ob.iseaskies.com
obs.iseaskies.com
pagestates-tracking.crazyegg.com
pippio.com
pixel.rubiconproject.com
px.ads.linkedin.com
px.mountain.com
s.adroll.com
script.crazyegg.com
secure.adnxs.com
snap.licdn.com
st.fullcircleinsights.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tag.clearbitscripts.com
tracking.crazyegg.com
trk.techtarget.com
ups.analytics.yahoo.com
us-central1-adaptive-growth.cloudfunctions.net
us-u.openx.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google.co.il
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.zscaler.com
x.bidswitch.net
insight.adsrvr.org
obs.iseaskies.com
tag.clearbitscripts.com
www.clarity.ms
104.16.117.43
104.17.71.206
104.18.29.74
104.18.32.137
104.18.36.196
104.18.37.212
104.19.147.8
104.19.178.52
104.22.1.204
104.96.137.199
107.178.254.65
108.138.36.16
108.138.40.116
13.107.42.14
13.248.142.121
141.226.228.48
142.250.186.130
142.250.186.163
142.250.186.68
142.250.74.198
151.101.2.132
157.240.253.1
157.240.253.35
172.217.16.200
172.217.18.2
172.217.18.98
172.64.151.101
172.67.11.155
18.173.154.10
18.173.187.81
185.89.211.116
198.47.127.205
2.18.66.162
2.18.66.72
2.18.66.8
204.79.197.237
216.239.34.181
216.239.36.54
3.75.62.37
34.111.208.231
35.214.149.91
35.244.142.80
35.244.159.8
35.244.174.68
35.81.162.201
35.85.106.161
44.209.137.118
44.212.189.233
50.16.211.97
52.18.221.207
52.31.17.50
52.49.52.83
54.195.89.156
54.200.185.84
54.230.228.29
54.230.228.63
54.230.228.9
69.173.144.165
70.42.32.63
74.125.71.157
76.223.111.18
0057c0a68b2a6998b10d731890ea3c145992ea61f7e18009466e7ab2fefc6a6d
02cf967312da416498f662d891dd432426488424f6334da0eb277059ecd2f59b
02ef3d4346add95520307127e5cbfbd7b9da8697720a7c9046d44188bd19d1b1
05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
0a679410d59a063bd8f8db5d5a63fe26d5983eaca549b56ba787d12fdff8ebdd
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0d19075bd3c868a563b30067d54cf92d64871ab1bc48d3faf48e1a7a5c183838
0dd67b3fa7cd365b47d70417a542803a6fc38a76a10f252dfda9910f8cba67d9
109d7aa9c6f32a78c877db04e17d6b78c89dd5c539dc01bae82840b2ebd43bca
13153098a1f7a646d0baac385e415393a24d1014dd36c3901348cdd48f892e6a
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
1e7e36f3f88692d69244aa905916aabc0e00bcc987bbc4cef85324e8c3733266
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
258ac87e304908a79116737170a587d0ea6cb91c9fa2e10389e0c52b3a30f2b0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26025a47b1582b7afa02f08246c4328de778717557a16bb493e4e72b13eb395e
2754a14ac1a776b37870bb4734f027dea9326f4db6058e19cfbc50821c637813
27b2e007f61b8c7f485937b708b55fc232f68106a6737c27d21f06029c661c5a
2b0cd39d290a1403b6303c049dceebac871d07a5f776b53f4e425ec2235d16a8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31fc7b35533d223ce9b8820fa8f3afe418a927272c5300f3a01129e40b959365
3400d5139019f336e25e0f09f5e95d98c224fdb8e77cbcb984f716140f93aae8
3505d9c53423b2c2b85fa4fd199a6d5aa93246f0fd7d7e16ab3b63515842391e
35ca3c345643cec0d70db14c7ea0899ec8f9d59b913831d884d3ec538efe27ba
384dc68887878de88f97e0d0ba0d0a28df8796151bee87f5cbd6d11881878fe4
3869c9c38f2f384c6566fe03aacdea042a24043f776c1cd1a8c921a24d44f40e
3a641ac230f33d38ac487f219ec1990eba2795b1dba9b4a3d7c6fdc72be9a558
3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd
3b6688ee1f6273890d262f2f599f2a7b4c078b43fb277c658fd2781428932814
3d7cd6cff2acf1bb33a086e1864d19bcac99441610caf1e0b31eb11bd4a7bf19
3ec0e833a52ecbcba05d2e40baea4641cb41a643722c788e4fb106069388c6b9
413d0b57de62b151d631e5c63ca0b52a447578209f5bd960ce99471228f34a04
41635e062e487b56a91beaa760d53e414ddc1a334f0bb77936e9af413aa32077
42ccfbda27dec5ae7a19c1550eb261f3981abfb5e308783c685e3dd32cd35f32
453d1d7e123dbb1eb52bd8bcea12a17ed52a2362bf5b6a7fa629ba720a0e6f41
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dcb217d2369424e25e264e0d289d19f26906aa74d349444ffbc018e7b69b098
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2d33d97cbdcfb218f09bf9f41397d54f93dbd026701b77e39fd1bcfe0648ba
4faaacc39dd07bf37157f521f689806d5c3984c8ff4d4694faa17f5d83c56430
4fc2b8881cc175d02acfc96169583d91391af80c3ede0d35780b633dca2792ca
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57ed77c89795357298d03fc544da139c6b01e1a564a1e1a8b4d16a37d8e06ac9
5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4
5dda312d02db8df754ed011057bb3620ee5301ce035a482fec5e1b74ca370a66
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
62587a197f07c6b6a23892af6513886d6d79d4bf3af4c86c0971887ee6d679de
6487817342cc7311d0f8603168a7edba803aa7de8813673eb155e8ea8b77b32c
6531326e86bed2b8e128e650cbc0c0b4163e8c0f161bdd7783070b14a6a3a21d
6635c7a8c9340a594fe3030b37828f0bcc792414b520f48f3e8b566e78e8239e
69230a9b125585537d41b492b7596df11355916307d043175461885a75133f6f
693d540c3804dd037b7d65e94edc1041e651315843aea34021739e3674baa57b
6d2e114404dda043af4ce7239a6e0e1c5cc03cef284ef6388aeb6846d9140461
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
707c1bad90428521a6697654f9dc841a3cf030a8d4fd8150f47545927d8ccada
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7809d6093100111004ddd4456577418652228b34c3bb0ec3054cbbe1edbb427a
785b06271ed09023b9611c2c12471a85974343d9f666697cd31d70d2143db362
79e4c7ae4935ffccf99e5f7e878bd26041f9b26e242371fa2b9a0d25e828010a
7aa0e0bbf58cd1dfc9312e887eadfd2504f44a643772c835be7db1b3777a4301
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7b2a1e7ec66641ad958a36774552cc40712f052e2db6542cacc01fd2dbcde58c
7d02633239369d04c8812eff65b6c3fad7d08525efd85d2451de2a4bac9f0cfb
7d7420dc00f6c2095845ed3099c8c38269d37ed054a8570135082f433b717ad7
7e1b62ebdc0c45ecba861f2fb9a04dbc120ac946fd065cb22a4d2d1d09e3e3c9
7f5ebeaa6de1cfc0d227fe847777538018f82fa1d37793f3a4842d7d73810b21
80b96764ac47d507c3819ae08cd615034e22d5d06f735c42936940e2e26fe300
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82aac3ca89e85b8e13207f545a591b1bc522138a1c956584fb942e8c82247eab
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
87edca219af81380a8231439fd41594925fb25517922718abc0dccc3523ac75c
89fde8fd7b0ad034128435bc21892e617683afdfb5cd4fef39c0bd6ff7d53723
8d5faabfef8a098483b94198ce9e3eb18f4384e9d4bc9c1942bc6708d91afcc2
8e207460283c3f2dc60ef835e79f0f76235bfefa37445f75cb5b9e2edb654364
8f5f726e6830cdc3a13f47bfd4aa4440c03de4bcf4548a25d691d9b46778704f
924e0302d89e3c2427e7676e8ca9bd499d4e68df3fdb92e628d212f20622db4c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a0d5f53562170f7c12e461461664118c6c5e6f77a2dec0e5cfae560f6f32efe
9dd93b89faa1f4642b0a4a84a36bccf5174c8af4a024d9291ed1e0300db58bcd
9e132bc877dade68a5609e803549d6cead1c132d310dcc037de34d87fe00c5cc
a47b498472092adf4da0451456ce658bdc5609fb42ea91629be03da7a63b6768
a4af0b01450048bffd9bb79f9ab3f23695ce50aca800091d3394d69096ca45d6
a576b7aa84fa1b309db84578ebfcb4bad6448889a85235382b192cb4abce726e
a59c47eb140647df6f4553a451fc7073b34921b1f209e518a90185a66ae1d179
a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7
aa2b8282a1438a0e53971aa29a5c54f2911a3cb79b44cc20f8521ead150c458f
abefd4b0cac8cd4273a604eaedbec4a592118b668795df25017210e9867206a6
aced6f454a1b5a260caf5d0bfbf87c01d01df485096331aabc3d031ce6fc3870
ae9ce01eeaeb30d4044b4b309035579a53b0e534e28cbb8828f5b4f648514c10
aeb4f550ed77db15c0a7bd079c8be9c84eb3df8de661ba2552d7cc82032a2830
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395
b723465c9d3d9a5e67309ad2cdad6f0b586ee3f53f3ff7b20e008dfbe7cc8584
b7eff4b4361c8058fbe407d9e1e0e14f425df85f01cd295f6e1ac1271a3ff6bc
b85ec3e17f4619963eded7c804deb7bb37174ac37915b048212166ede58ff344
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
ba7ddc5097ecf75ca3ce02057e9313d82a6e3a6a177ee9e4765f55b2f8231715
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be2f69ffcfe783832c1641c581de35e6677bab90fbeec90c9cb4e033b8449434
be48aeb17e89e2212d758e1e57d2cf1c86fe08d9101c2c07c722b16a0015a29f
beac035e4d7e7ca8063a81be0994cfc994d5f1c7539091659834203e076476ac
c7c86bc6610cf47c78b385c56c63c1a3393f1369e84150f7a64b22495c1c7bc0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc25f2f1b34b8a8f05f370af8e86cd64f1869c5f7e27913469a752da5fc55235
ce4e274c5793e7cd62cb67e2630278ef4a470b4baa35cb3b42e145717faed336
d47e7fcf5a32612fac2149d801a0c4418e1ff747414ee7300a4d4a3c9a9ac179
d69e3303757e223cc0fd92ec05e7f0eb6ca17c61c857cf273f19d181ad2afd47
d6e01a0d6a5a0c0a453da393b3560c757dfb52340eab2e6a0cfa15040c4403eb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd075bb03002d1faf233414ca4555bcba7bf1e7ac8b193ce7d7aa391ad4b08a9
decf18e6ed4b163a7a0ef6ddecbafcfb300be5f0cd98140960efc65adb115c59
df4251e4c53e24adae0b8eced1b527d8b8b3b49ad9cd0095eb1db8649bdf5ece
e18b14430cd1faeca647e05ade580e5745dbc75350b454e7073127ecbbbd9fa8
e20594a73ecbdcb15e351a97aaed3f415fd3872c916d10a452bcb23b6329a06f
e3078f501977e2185b646c2f5a7d017a8b562bdbd5b28df7640bd52cba8f377d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a1e90281fb5f6bd8c4df8697f16fdd66b968afe67e22f20130b2a212910ddb
ebd58828e038cca92ff4ced77a288c6249a4fde938f2148863b9cd187d7d9235
ec09e6ea3a9912c8e7c4640d0907355978c3fc6383eccedfbab424efbd863ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
f8dc91f5244ac28a3cea99ad5b7056f0f067c70e4d61402a226ae1c3603a7d6c
fabf6a7d218d7784fd84a023a99c8a06e50b83e0c2cb34200811d3f0ac212c3a
fbb2df2831ea2234d9a6db640b566056945c3025380ddb99653c9546f6fca8e4
fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0

www.zscaler.com Open in urlscan Pro 104.18.29.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

199 Requests

87 %HTTPS

0 %IPv6

45 Domains

68 Subdomains

60 IPs

7 Countries

2103 kBTransfer

6674 kBSize

73 Cookies

24 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zscaler.com Open in urlscan Pro
104.18.29.74 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

87 %
HTTPS

0 %
IPv6

45
Domains

68
Subdomains

60
IPs

7
Countries

2103 kB
Transfer

6674 kB
Size

73
Cookies

199 HTTP transactions
0 data transactions