trust.zscaler.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 104.18.2.238, located in United States and belongs to CLOUDFLARENET, US. The main domain is trust.zscaler.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 16th 2021. Valid for: a year.

This is the only time trust.zscaler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.166.119.124 35.166.119.124	16509 (AMAZON-02) (AMAZON-02)
2	104.18.2.238 104.18.2.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2

1 35.166.119.124 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-119-124.us-west-2.compute.amazonaws.com

trust.zscalerthree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.2.238 (United States)

ASN13335 (CLOUDFLARENET, US)

trust.zscaler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	zscaler.com trust.zscaler.com	2 KB
1	jquery.com code.jquery.com	30 KB
1	zscalerthree.net 1 redirects trust.zscalerthree.net	276 B
3	3

	Domain	Requested by
2	trust.zscaler.com	trust.zscaler.com
1	code.jquery.com	trust.zscaler.com
1	trust.zscalerthree.net	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
trust.zscaler.com DigiCert SHA2 Extended Validation Server CA	`2021-08-16` - `2022-09-16`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://trust.zscaler.com/?cloud=trust.zscalerthree.net
Frame ID: E7DFB0CE085D9A7A4D415B77F4BCC465
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://trust.zscalerthree.net/ HTTP 301
https://trust.zscaler.com/?cloud=trust.zscalerthree.net Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

3
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

32 kB
Transfer

4585 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trust.zscalerthree.net/ HTTP 301
https://trust.zscaler.com/?cloud=trust.zscalerthree.net Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
trust.zscaler.com/
Redirect Chain

https://trust.zscalerthree.net/
https://trust.zscaler.com/?cloud=trust.zscalerthree.net

2 KB
2 KB

969ms
719ms

Document
text/html

104.18.2.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.zscaler.com/?cloud=trust.zscalerthree.net

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aea50a94fb820bde46b62b3178a7fc654540ddbf0fa510b069f496a39da88b20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' https://api.config.zscaler.com https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://api.config.zscaler.com https://bam.nr-data.net https://d28ugnmffgnucw.cloudfront.net/zsstats/;object-src 'none';manifest-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com https://code.jquery.com/ https://www.google-analytics.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://js-agent.newrelic.com https://bam.nr-data.net;style-src 'self' https://fonts.googleapis.com/css https://cdn.cookielaw.org 'unsafe-inline';img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://www.google.co.in/ads/ga-audiences https://www.google.com/ads/ga-audiences https://cdn.cookielaw.org;font-src 'self' data: https://use.fontawesome.com/releases/ https://fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: trust.zscaler.com
:scheme: https
:path: /?cloud=trust.zscalerthree.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:44:05 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: credentials, Content-Type, Authorization, X-CSRF-Token
cache-control: max-age=3600
content-language: en
last-modified: Thu, 26 Aug 2021 13:51:59 GMT
strict-transport-security: max-age=31536000;
vary: Cookie,Accept-Encoding;,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-test: 23:36
content-security-policy: default-src 'self';connect-src 'self' https://api.config.zscaler.com https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://api.config.zscaler.com https://bam.nr-data.net https://d28ugnmffgnucw.cloudfront.net/zsstats/;object-src 'none';manifest-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com https://code.jquery.com/ https://www.google-analytics.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://js-agent.newrelic.com https://bam.nr-data.net;style-src 'self' https://fonts.googleapis.com/css https://cdn.cookielaw.org 'unsafe-inline';img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://www.google.co.in/ads/ga-audiences https://www.google.com/ads/ga-audiences https://cdn.cookielaw.org;font-src 'self' data: https://use.fontawesome.com/releases/ https://fonts.gstatic.com;
x-request-id: v-f8430d22-06a5-11ec-955c-276ce999fd30
x-ah-environment: prod
via: varnish
x-cache: HIT
x-cache-hits: 2
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 684f8d7dfdf008a7-CDG
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 26 Aug 2021 19:44:04 GMT
content-type: text/html; charset=iso-8859-1
content-length: 262
location: https://trust.zscaler.com?cloud=trust.zscalerthree.net
x-content-type-options: nosniff
cache-control: max-age=1209600
expires: Wed, 01 Sep 2021 07:36:24 GMT
x-request-id: v-fdac9cca-fff6-11eb-9c6b-17302b532e14
age: 734859
via: varnish
x-cache: HIT
x-cache-hits: 96

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 26ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: trust.zscaler.com
URL: https://trust.zscaler.com/?cloud=trust.zscalerthree.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Origin: https://trust.zscaler.com
Referer: https://trust.zscaler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:44:05 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1630007045.dop220.fr8.t,1630007045.cds226.fr8.hn,1630007045.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 main.d7da6d4fbce9ecaec256.js
trust.zscaler.com/frontend-public/js/ 4 MB
0 55ms
55ms Script
application/javascript 104.18.2.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.zscaler.com/frontend-public/js/main.d7da6d4fbce9ecaec256.js

Requested by

Host: trust.zscaler.com
URL: https://trust.zscaler.com/?cloud=trust.zscalerthree.net

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /frontend-public/js/main.d7da6d4fbce9ecaec256.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: trust.zscaler.com
referer: https://trust.zscaler.com/?cloud=trust.zscalerthree.net
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://trust.zscaler.com/?cloud=trust.zscalerthree.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20207
x-cache: HIT
x-cache-hits: 8
x-ah-environment: prod
content-length: 1291225
x-request-id: v-e1e7f35c-0674-11ec-a229-e30e5498cc61
last-modified: Thu, 26 Aug 2021 13:51:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host,Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 684f8d82ecb108a7-CDG
expires: Thu, 09 Sep 2021 13:52:41 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';connect-src 'self' https://api.config.zscaler.com https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://api.config.zscaler.com https://bam.nr-data.net https://d28ugnmffgnucw.cloudfront.net/zsstats/;object-src 'none';manifest-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com https://code.jquery.com/ https://www.google-analytics.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://js-agent.newrelic.com https://bam.nr-data.net;style-src 'self' https://fonts.googleapis.com/css https://cdn.cookielaw.org 'unsafe-inline';img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://www.google.co.in/ads/ga-audiences https://www.google.com/ads/ga-audiences https://cdn.cookielaw.org;font-src 'self' data: https://use.fontawesome.com/releases/ https://fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
trust.zscaler.com
trust.zscalerthree.net
104.18.2.238
2001:4de0:ac18::1:a:3b
35.166.119.124
aea50a94fb820bde46b62b3178a7fc654540ddbf0fa510b069f496a39da88b20
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

trust.zscaler.com Open in urlscan Pro 104.18.2.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

32 kBTransfer

4585 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

trust.zscaler.com Open in urlscan Pro
104.18.2.238 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

32 kB
Transfer

4585 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions