Report - www.sccm.org/Files/setup.zip

Report Overview

Submitted URL
www.sccm.org/Files/setup.zip
IP
52.237.132.233
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-10-04 11:54:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
9289677.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	618 B	1.3 kB	142.250.74.70
assets.adobedtm.com	512	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	21 kB	23.38.200.237
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.4 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.0 kB	13 kB	142.250.74.3
marco.feathr.co	16227	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	802 B	143.204.55.31
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	16 kB	151.101.84.157
match.adsrvr.org	349	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	442 B	352 B	52.223.40.198
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	854 B	874 B	142.250.74.3
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
cdn.feathr.co	23752	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	861 B	172.67.159.92
twin-iq.kickfire.com	28814	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	843 B	1.7 kB	34.208.31.23
polo.feathr.co	15887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	18 kB	34.198.183.83
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	684 B	559 B	216.239.32.36
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	726 B	613 B	104.244.42.67
10176109.fls.doubleclick.net	684457	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	618 B	1.3 kB	142.250.74.70
www.rumiview.com	25977	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	85 kB	199.185.0.231
tags.crwdcntrl.net	2166	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	536 B	54.230.111.122
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	42 kB	216.58.207.195
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	64 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	21 kB	142.250.74.174
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	869 B	873 B	142.250.74.98
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.36
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.175.179
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	2.2 kB	142.250.74.10
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	1.9 kB	104.18.21.226
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	373 B	31.13.72.36
www.sccm.org	513749	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	334 kB	52.237.132.233
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 kB	142.250.74.34
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.3 kB	142.250.74.98
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	1.9 kB	104.18.20.226
sccm.informz.net	804256	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	30 kB	3.212.38.122
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	3.2 kB	31.13.72.12
bcp.crwdcntrl.net	699	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	2.3 kB	52.18.161.218
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	709 B	593 B	104.244.42.197
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.88
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	www.sccm.org/Files/setup.zip	Malware
2022-10-04	medium	www.sccm.org/Files/setup.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (47)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=DC-9289677	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=DC-9289677 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash b148d8af538b4a6c10199baaa8a04d65 7558db3e38569287ce520ea408ee5ccdb3f0ebdd 83c8e85ded229362440211575f03abd75bb9e6728e767c1df1dd655e246af022 Loading...

	www.sccm.org/Files/setup.zip	151 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:28 Times Seen2 Hash 2a71319b0ef88ee852bc74e42115d26f 577dee082ae805bca1d04f2fd2fdbcd3d6182e22 89ab00fc4176902cb37a124ff2e8f0c2c7026c907d081675ffb34dda206fc236 Loading...

	www.sccm.org/Files/setup.zip	473 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:28 Times Seen2 Hash e82ddda9cac6a8c4639ffffeea608344 6bf700a7954d04c443bd3a41316ee83376994eb9 fcd80f884476313b23a46a85578b49017b469a0ba6b976fb96034a8b3a14fc5a Loading...

	www.rumiview.com/containers/c981446a-d8a9-4500-894e-cbb64bfabd5f.js	222 kB	2023-03-08	2024-02-13
Pretty URL www.rumiview.com/containers/c981446a-d8a9-4500-894e-cbb64bfabd5f.js IP 199.185.0.231 ASN #21592 MULTIVIEW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:29 Times Seen3 Hash 80862cf32ac4b88f0c9b4cf4a7cdbbfe e23645de006abb88989791e3a6e59c716d0bb3f8 6bc17383247296ec710d9592bb4c37e5f6581acda1b7732148cc0a82c3de98f5 Loading...

	www.sccm.org/Files/setup.zip	527 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:27 Times Seen2 Hash 5628c4010ad5436b4f976c2175ba50f9 bb1f363fec9368e836386d02e0052bab545f895b 85db48e3cf75b06fd6995f7d684558ee4ebda312bab45aa8daae7762ce3e8bae Loading...

	www.sccm.org/CMSScripts/Custom/SCCMv2/mix.js	94 kB	2023-03-08	2024-02-13
Pretty URL www.sccm.org/CMSScripts/Custom/SCCMv2/mix.js IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:28 Times Seen3 Hash 0a9bd8ee7459e0bd3becbb2a69fe90a0 861b7bd571c2b7885e980c1420248b8c422a0db2 8302906f9bf08391e762ec29aa78639e24fc92f7cad4b4fa219c56da938473c3 Loading...

	www.sccm.org/Files/setup.zip	232 B	2023-03-08	2023-11-27
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-11-27 02:09:19 Times Seen5 Hash c08d1508e1741f55c0791849a23b38c8 cd8b01fb817643e29bc78afb003888a748751cd2 7bc5659eaae8992322b28132df5c1c9d274196a856f65dfc476fe8faef97ca7f Loading...

	www.sccm.org/Files/setup.zip	115 B	2023-03-07	2024-04-17
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:39 Last Seen2024-04-17 18:11:22 Times Seen126 Hash 67a4640885587cb1a55afd6496f6c2e8 bda12577689a2197720946e57102e40397d0ce04 4d2e304d8cbd70bfde174c30dc453dbdb243a411d05a99b0444eae4e1550baee Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 00:32:43 Times Seen37027698 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-XS16NXWSRG&l=dataLayer&cx=c	214 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-XS16NXWSRG&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash d3fabdcff442d62503a3371013b57a2a c5fc5214db54375749a7477e1f45c013c4d5e5ac efa11f342720d1bf9dc864d5ab50b8bc1303a5c91f8779649a1399e3f83902ca Loading...

	www.sccm.org/Files/setup.zip	565 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:27 Times Seen2 Hash a6ca023434e07dc05da93c0da126c840 34deca5924e0832010f1adf7c15131f4d5be8210 9e67a5921a0c8b8cf31552448bb20c8d8c14e446ca07b8b8817d771584d0309f Loading...

	tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671	39 kB	2023-03-08	2023-04-10
Pretty URL tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671 IP 54.230.111.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-04-10 15:43:28 Times Seen4 Hash e26dc14e3772420eb25f71c12f0da49b 8a02a4965047176e86ebb43c97b160d16624f39a 5fef8577b566c5bd797c4c905e0a52db4d2f81628460c868c97f9ce3b85f0b44 Loading...

	www.sccm.org/Files/setup.zip	554 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:28 Times Seen2 Hash 3281e592ee0a93947fe18c001acff91b 448ff01838417555e211520088574aa8e84effdd 6cdb66ef3da71da6a63be60af22829dff5a523def85204dbb8cca8bbf04b2e06 Loading...

	www.sccm.org/Files/setup.zip	125 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:26 Times Seen2 Hash f3a56c9009d4970eef965e173fb3930f 0a6672e0bf6e4f44e7ca8dc201fe752104136976 2abd538468e27eb80253a1f0a148f20f403ddc0cc4bbe17c391f99c6fec65aa0 Loading...

	www.sccm.org/Files/setup.zip	1.3 kB	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:27 Times Seen2 Hash f0ec8bd3965b4de77f5b9205255483a1 7ffdd593dcf16dd1fd96d5a1e990142543067a8e b7d0fe9bcb59c97167788e0014ef761b68b14b1f647ae9f68bacc7f5d0d1bb33 Loading...

	www.sccm.org/WebResource.axd?d=0watXEZJSNe_h8szJufL_oMy5atbSlW5Pyku23n3-GJf-e0wMncQU5j4iw_vLt7CwaiQUKgEaGMBSaSI0Ie1Dhc5BCY1&t=637814444020000000	23 kB	2023-03-07	2024-04-23
Pretty URL www.sccm.org/WebResource.axd?d=0watXEZJSNe_h8szJufL_oMy5atbSlW5Pyku23n3-GJf-e0wMncQU5j4iw_vLt7CwaiQUKgEaGMBSaSI0Ie1Dhc5BCY1&t=637814444020000000 IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-04-23 22:05:46 Times Seen42289 Hash 90ea7274f19755002360945d54c2a0d7 647b5d8bf7d119a2c97895363a07a0c6eb8cd284 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Loading...

	www.sccm.org/ScriptResource.axd?d=v5wHE0lqA55O0ag01YayvjPOeLe2WUJygB2xnqDPqgojnWAcW8eopkSrqE4rszaVfmkmh9qunBWGhSCDU692wNP9wGFIlJyQBGP9QaYG_vbNkfjAn2VoRwL2DjK5syRH6aw-Y9Zpzn2T3W5nWDspQ3NFjHI1&t=7c776dc1	6.4 kB	2023-03-08	2023-12-05
Pretty URL www.sccm.org/ScriptResource.axd?d=v5wHE0lqA55O0ag01YayvjPOeLe2WUJygB2xnqDPqgojnWAcW8eopkSrqE4rszaVfmkmh9qunBWGhSCDU692wNP9wGFIlJyQBGP9QaYG_vbNkfjAn2VoRwL2DjK5syRH6aw-Y9Zpzn2T3W5nWDspQ3NFjHI1&t=7c776dc1 IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:38:07 Last Seen2023-12-05 08:09:52 Times Seen8 Hash 3601137efd2bc312c42de965f54deb75 b5f821dd31eff8103456e120baee0d5a136c06fc 32f55c50d21c4372bca6312f7f3667173fdb77c5f72f1ff8754204c6a20b7835 Loading...

	www.sccm.org/Files/setup.zip	403 B	2023-03-08	2023-03-08
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash 94d64122a4f560dd371db19e5449fe7f 2f4f7885e043af852c614bc2830c53e1b5b23774 ee090a162e58c63aca234a9b62f7837b4edb5a1c873782c214d47c380a827d99 Loading...

	polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1664884454301	290 B	2023-03-08	2023-03-08
Pretty URL polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1664884454301 IP 34.198.183.83 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash 3bd3fb577b6cf81fb055860dcd7aaaab e1f893d619a9f51bebb1e5f83c53ebbd2845e638 307329d35213510a00eb2b1cf154160f5023e9446137905d87de2e595b745d3d Loading...

	www.sccm.org/Files/setup.zip	126 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:28 Times Seen2 Hash 9032540555ae97d9db1b8c4511faa50f 19d02ff0be290ba20f6924327cfac1a5c127c5c0 9088f76ed40c66791d5dd7930b39de6d9a41e514a895be5a7a98d9a76aa3eecf Loading...

	www.sccm.org/Files/setup.zip	341 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:26 Times Seen2 Hash 9f43f1e02f8bf54721d5f17209cd40ac dd4348a38faaceba39beaa2e9494041a1f923258 ee7b4b2b67e616b0f87febdd3776db2819335304604fbadcbd67b5ad0710e5db Loading...

	www.sccm.org/ScriptResource.axd?d=YEhAFQxkZxblJtr0E4G7Y_817BAVo92kIfg2xRpQZs5jbt3fybQ45XS-5MjSsdjGzwklgelVImCVS1wd_BBX3xcg5z4bg_i9zfA80h11gnBSz5i-7EqbYI_WS59v5rdYqHaIZA2&t=7c776dc1	21 kB	2023-03-07	2024-04-16
Pretty URL www.sccm.org/ScriptResource.axd?d=YEhAFQxkZxblJtr0E4G7Y_817BAVo92kIfg2xRpQZs5jbt3fybQ45XS-5MjSsdjGzwklgelVImCVS1wd_BBX3xcg5z4bg_i9zfA80h11gnBSz5i-7EqbYI_WS59v5rdYqHaIZA2&t=7c776dc1 IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:40 Last Seen2024-04-16 01:37:04 Times Seen20 Hash 44a21d61ec4ff08020066075a5cd1e7d 12841b74cdf16fad5d6032ce147be4ae3fb24857 339cf00d7bd0e014b4b15a8afb0e9c4667604aa843cee1d23c6c3b79c0d4830b Loading...

	www.sccm.org/CMSScripts/Custom/SCCMv2/popper.min.js	21 kB	2023-03-07	2024-02-13
Pretty URL www.sccm.org/CMSScripts/Custom/SCCMv2/popper.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:58 Last Seen2024-02-13 20:11:28 Times Seen36 Hash f3be40c79eb3c99245088be95d024b78 ec2608fba6d6e827b8fdd0886ad8b70e8ff02647 4da459ba1114414379aa4156c25fd3be16d4c04f641bb428c0650903a24780f7 Loading...

	www.googletagmanager.com/gtag/destination?id=DC-10176109&l=dataLayer&cx=c	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/destination?id=DC-10176109&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash 27201c3a53252b5385b137737c948745 3c615c58dd253db03935554ed3de769b6ed3037f 7a9c3839d7843f5567a234a1609db685cd2d7d82258d07a3beb00dd6cedb4b60 Loading...

	www.rumiview.com/ppms.js	73 kB	2023-03-07	2023-11-27
Pretty URL www.rumiview.com/ppms.js IP 199.185.0.231 ASN #21592 MULTIVIEW Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:51:28 Last Seen2023-11-27 02:01:09 Times Seen443 Hash bd565ee8cee400a791a78493a80df143 561b997b29f10b9ed30b36f91767e8da41e6d614 6995c7720622636886885ab1e7f235f19386adf19c0681bf48cebf5fb48e1ef4 Loading...

	www.sccm.org/Files/setup.zip	358 B	2023-03-07	2024-04-17
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:39 Last Seen2024-04-17 18:11:22 Times Seen287 Hash 53d36457ae975827e1d3b03399cd0cae a51e9e95e52edb54ff085dcf4cd7a2ffd7268f9c dd509198d288260ccb0af06bc7fccaf7806220ffc6e5477601312a0ea3a59773 Loading...

	www.sccm.org/Files/setup.zip	70 B	2023-03-07	2024-03-12
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40:44 Last Seen2024-03-12 12:15:05 Times Seen48 Hash dae81075726cfe7647f42c58fe5adb9c 48af2fda0845a5e53a2d6c55046521915e32138e 9e7025e65411727d42ca027c72aa1e4598dc46e83ca97c227e99d185d842b2f5 Loading...

	www.sccm.org/Files/setup.zip	926 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:27 Times Seen2 Hash 9493439af58ad2f9d8ca0ad644c57799 07124240e5ad8dac107c27793c0a69a934e3f35f 359dc0951705a3a8a8d9474463290b7669cf549e822d9f403599c707a2d96bdc Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-08	2023-03-10
Pretty URL www.google.com/pagead/conversion_async.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:10:58 Last Seen2023-03-10 12:05:33 Times Seen1 Hash 7ebf0fce2f7b7c5a547d76da320bd16f cf5575cac6328d1538893b09ddcc0e1d9ece0bd2 a355dc6fd53a94ca23cff781b3cf5f19d3851d899687b32bdfb4ecf6adb0ecb3 Loading...

	sccm.informz.net/web_trk/sp.js	64 kB	2023-03-08	2024-02-13
Pretty URL sccm.informz.net/web_trk/sp.js IP 3.212.38.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:29 Times Seen83 Hash ef04a52b168c2f772bed770804b94f08 3a23579cfa97cd14552643fd1443c2d5705c866e 6db1366dccdd6c074dcda0deb63c6bf6b516043024fd314ec70d83b07542b301 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	static.ads-twitter.com/uwt.js	57 kB	2023-03-07	2024-01-14
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:10 Last Seen2024-01-14 12:48:17 Times Seen57 Hash d4de8398858246712016031c834bb061 49709126e0fcb914a62f3255ae3ffe45a3fbe0ae 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d Loading...

	www.google.com/pagead/1p-conversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-20
Pretty URL www.google.com/pagead/1p-conversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-20 17:48:03 Times Seen63949 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	www.sccm.org/ScriptResource.axd?d=ACsN3dKiV-VMJHM6HKrNHNKEbb6eSVG7CvT8VuXLbhgkG5zYtcJYUq0rKPjKYWCwTNOJdTfvjoBjqQxNrU_a7-zCGM1eUsFF7mQwAENZ6eBfVza50&t=7c776dc1	18 kB	2023-03-07	2024-04-16
Pretty URL www.sccm.org/ScriptResource.axd?d=ACsN3dKiV-VMJHM6HKrNHNKEbb6eSVG7CvT8VuXLbhgkG5zYtcJYUq0rKPjKYWCwTNOJdTfvjoBjqQxNrU_a7-zCGM1eUsFF7mQwAENZ6eBfVza50&t=7c776dc1 IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:40 Last Seen2024-04-16 01:37:04 Times Seen21 Hash 4d5b54591b8b07f10307ef8dc32d42d2 f31ed98a0311edb91384140c2d0f4ec80af00fd9 5a2bfafaae624bf22eada3a71ec9be1b9ee03e68fbbd36ac5924b381b96525e7 Loading...

	www.sccm.org/Files/setup.zip	1.0 kB	2023-03-08	2023-03-08
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash 4590cac14162c14b840901a3ef6d8d5e 9d9c9b68891b2c97b88ad3d1e2b9fe89e64aded5 e73792e5a02ad6f657fc053c51aac3e9eb301d61ad3203938f28fc801db9fafe Loading...

	assets.adobedtm.com/175f7caa2b90/1ff0b0d645bf/launch-33ba07c74b04.min.js	87 kB	2023-03-08	2023-03-10
Pretty URL assets.adobedtm.com/175f7caa2b90/1ff0b0d645bf/launch-33ba07c74b04.min.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-10 22:10:01 Times Seen1 Hash efaed071d304f2b3f003375c20d9bf1b 8eadfaade20f8c303150806401fc56a7209ef95e 236c3e2f43e972d4759d1b38aca3f0b9b6376b214c3665e26c7082e6cfd53908 Loading...

	cdn.feathr.co/js/boomerang.min.js	174 kB	2023-03-07	2023-03-10
Pretty URL cdn.feathr.co/js/boomerang.min.js IP 172.67.159.92 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:31:18 Last Seen2023-03-10 22:10:01 Times Seen1 Hash 1c3cc48d83e98f6354bdcb81989deafe a0df9761bc571543d372ec6c8798145f24354688 76b9a976448170b38b6faf85938c0ab814fb9abc10487b06ccfaa75151f251aa Loading...

	www.sccm.org/CMSScripts/Custom/SCCMv2/bootstrap.min.js	60 kB	2023-03-07	2024-02-13
Pretty URL www.sccm.org/CMSScripts/Custom/SCCMv2/bootstrap.min.js IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:04 Last Seen2024-02-13 20:11:28 Times Seen123 Hash 7ea576594a2272604943b19eed3f65dd cf0363ed7c98a2223de587f86442c754823ff167 43c3c4b6cca3da44ba9b3e1eaffafea84098bfe213b26a416b72acfca769d59e Loading...

	www.sccm.org/Files/setup.zip	444 B	2023-03-08	2024-02-13
Pretty URL www.sccm.org/Files/setup.zip IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:27 Times Seen2 Hash ae560bafcc46a5a69b53f672e1ee01ca cd1e4874cbd80c9b33794bf4e53126af903c7e0e 8897c4dd9460b3e03065322a41c23bb1c4eb3f447eeb2dfcc3e8224e0cde7af2 Loading...

	polo.feathr.co/v1/accounts/61264f156e62b12358355a6b/pixel.js?pk=feathr	32 B	2023-03-07	2024-04-23
Pretty URL polo.feathr.co/v1/accounts/61264f156e62b12358355a6b/pixel.js?pk=feathr IP 34.198.183.83 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:44 Last Seen2024-04-23 13:06:34 Times Seen511 Hash 9661451032832f869c969fbfcb85bc8b a680f072c27e72a8dcc6ad56b53d5286b31ff875 eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848 Loading...

	twin-iq.kickfire.com/twin.js?13716	424 B	2023-03-07	2024-02-21
Pretty URL twin-iq.kickfire.com/twin.js?13716 IP 34.208.31.23 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:28:27 Last Seen2024-02-21 21:21:27 Times Seen393 Hash 5bd1e8c855937dd99944ba4915d8f595 4e256c292e86a29cc05fea86f55740eddc607e6e 034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d Loading...

	www.sccm.org/ScriptResource.axd?d=f7eCaGv_vB1v2mZ8DDpU4hmSUHg9J-usIluOGZJv3y63MnXpelVB_nqsC6H98OlOdwHoqjOlctGanv797dXE6dEtaEBE0AjUEXLX3hnP71hrWoBa0&t=7c776dc1	89 kB	2023-03-07	2024-04-16
Pretty URL www.sccm.org/ScriptResource.axd?d=f7eCaGv_vB1v2mZ8DDpU4hmSUHg9J-usIluOGZJv3y63MnXpelVB_nqsC6H98OlOdwHoqjOlctGanv797dXE6dEtaEBE0AjUEXLX3hnP71hrWoBa0&t=7c776dc1 IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:26 Last Seen2024-04-16 01:37:03 Times Seen111 Hash f2119c64fda284b265a9bf170019f208 5fbd94ab4e2eeda7d12a7de54f0a2f3059a544fc 9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5 Loading...

	www.sccm.org/CMSScripts/Custom/SCCMv2/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL www.sccm.org/CMSScripts/Custom/SCCMv2/jquery.min.js IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 00:32:27 Times Seen138854 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.sccm.org/CMSScripts/Custom/SCCMv2/main.js	3.3 kB	2023-03-08	2023-03-08
Pretty URL www.sccm.org/CMSScripts/Custom/SCCMv2/main.js IP 52.237.132.233 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash 0aabde1dc29c1c3d25c4232963d4653d f5172645ea6d9708ee4eea0ac61b882a9c5e7c2c f316edfdf0b1bf151f32bdd4f7d7b1c902224b13c7dc076be516719640f83ce1 Loading...

	connect.facebook.net/en_US/fbds.js	4.0 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/fbds.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:34 Last Seen2023-03-08 05:47:34 Times Seen1 Hash ade36b31d08b2005b7162d85a6ca0a59 bd02f10578b83c33deaade5ea198f471a4177d3f 173e1bc1bb848a5d8353b8436bad5be8b738df2f4170253219c7fe5ccc14e2f7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 60ed9697a9a19f6dd5b9ba3eabff458a	85 B	2023-03-08	2024-02-13
Pretty Observations First Seen2023-03-08 05:47:34 Last Seen2024-02-13 20:11:28 Times Seen7 Hash 60ed9697a9a19f6dd5b9ba3eabff458a 83299d6813cb1dbdb47ecc82a2ed7d3b00136f97 7ebef1dfcfc811df6fc824b7eab5fc3aa7a4e7caec808beac902b52ef16ff95a Loading...

	#2 Eval - 3d9096fbefe7f2be2891e096024413f9	85 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 12:03:07 Last Seen2024-04-20 21:34:57 Times Seen1212 Hash 3d9096fbefe7f2be2891e096024413f9 23f8bfaa7dad2ff100b9382e9d2fe836180dd476 b0857638048949463f09da0bdb74c5055133bf2e245a1e9afc78a16ac1aa811e Loading...

HTTP Transactions (104)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xveV7DfWx3DHbs6yry9gBQ17S16F8bxeSU3KJ_ScNIDuAjEBxcmmmw==
Age: 806

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8350
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 11:54:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7cuh_E2naUn7LVS11C7mcyMq46-ubIoPid276upYrm9LqBtCF2NIvg==
age: 23145
X-Firefox-Spdy: h2

www.sccm.org/Files/setup.zip

52.237.132.233

303 See Other

159 B

URL HTTP/1.1
www.sccm.org/Files/setup.zip
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
159 B (159 bytes)
Hash
4d6b00b0711b3514260fc42cfb86434c
ab64e8da701c57fd2ea48ca7b64482a8f3698e4a
6b9778f6a37c7d7ef9b3365e579eed205e86b5c2a175b07a3195369f24f943c1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /Files/setup.zip HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Content-Type: text/html; charset=UTF-8
Location: https://www.sccm.org/Files/setup.zip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 11:54:12 GMT
Content-Length: 159

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:54:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jkjIc-k8iw8JfhXsaPRvhc4vuTq8e3ofPymfVOU1p-zugrm8FNtLnQ==
Age: 1480

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:13 GMT
Last-Modified: Tue, 04 Oct 2022 10:13:44 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&family=Source+Serif+Pro:ital,wght@0,400;0,700;1,400&display=swap

142.250.74.10

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&family=Source+Serif+Pro:ital,wght@0,400;0,700;1,400&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1458 bytes)
Hash
1d41193bf28bdb498cb1d89d37db2978
2ff8a92a1a527422377619c680db490d11d9ba6d
4e37f16ecbfa570ba389aedb36152aadf55429b9ca29d6b4413ad489c509730b

HTTP Headers

GET /css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400&family=Source+Serif+Pro:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 11:54:13 GMT
date: Tue, 04 Oct 2022 11:54:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.175.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.175.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5VE/lvAGAIjBgg9O97QGdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4Wezz0wCFEurxqBpN2NYHTZO0/c=

www.sccm.org/Files/setup.zip

52.237.132.233

404 Not Found

92 kB

URL HTTP/2
www.sccm.org/Files/setup.zip
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2256), with CRLF, LF line terminators
Size
92 kB (92436 bytes)
Hash
4ab3e0ce76250bee037365186078e7ff
55f814a83b508bf8891112e2f97d077f26dabff7
e8bba00a0b5b3246f6696945a08fb3409b40533556835f030234020357cd8b6d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /Files/setup.zip HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
set-cookie: CMSPreferredCulture=en-US; expires=Wed, 04-Oct-2023 11:54:13 GMT; path=/; HttpOnly
CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; path=/; HttpOnly
ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz; path=/; HttpOnly; SameSite=Lax
CMSPreferredUICulture=; expires=Mon, 04-Oct-2021 11:54:13 GMT; path=/; HttpOnly
x-ua-compatible: IE=Edge
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 92436
X-Firefox-Spdy: h2

www.sccm.org/CMSPages/GetResource.ashx?_webparts=677

52.237.132.233

200 OK

399 B

URL HTTP/2
www.sccm.org/CMSPages/GetResource.ashx?_webparts=677
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (399), with no line terminators
Size
399 B (399 bytes)
Hash
f0faae1d7bba2dd8f23154bd3c4c7f93
6fe5604a4e5c893082a5efce8f681c71fe584d23
ba4abd5671f0a688d7370f7edce099678a509870131afcb845f8db09500e6157

HTTP Headers

GET /CMSPages/GetResource.ashx?_webparts=677 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, must-revalidate
content-type: text/css; charset=utf-8
expires: Tue, 04 Oct 2022 11:54:13 GMT
last-modified: Mon, 20 Jun 2016 17:26:38 GMT
etag: "webpart|SearchBox"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-disposition: attachment; filename="SearchBox.css"
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 399
X-Firefox-Spdy: h2

assets.adobedtm.com/175f7caa2b90/1ff0b0d645bf/launch-33ba07c74b04.min.js

23.38.200.237

200 OK

21 kB

URL HTTP/2
assets.adobedtm.com/175f7caa2b90/1ff0b0d645bf/launch-33ba07c74b04.min.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32764)
Size
21 kB (20860 bytes)
Hash
25f1fbcaade64abfd6f1bd7e26f6b3be
ddd0be39b23a850ceffea57e2f739b1035447d3a
2b203550cb1caa5e069ac36c91ebf5b7d71e07eb32f859b1671c8b35b5413b8d

HTTP Headers

GET /175f7caa2b90/1ff0b0d645bf/launch-33ba07c74b04.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "efaed071d304f2b3f003375c20d9bf1b:1655907759.234079"
last-modified: Wed, 22 Jun 2022 14:22:39 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 04 Oct 2022 12:54:13 GMT
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 20860
access-control-allow-origin: https://www.sccm.org
timing-allow-origin: *
X-Firefox-Spdy: h2

www.sccm.org/App_Themes/SCCMv2/sccmv2.css

52.237.132.233

200 OK

44 kB

URL HTTP/2
www.sccm.org/App_Themes/SCCMv2/sccmv2.css
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (625)
Size
44 kB (44464 bytes)
Hash
328be5a9b982f4b562a7204116a3a6d3
fa391ee514d9badfb85829bd1d56f26b56c59c37
79a45b22c0724ae613acebf82b25ee029c85ce0f4d3baf1c2b9010a401abfa3d

HTTP Headers

GET /App_Themes/SCCMv2/sccmv2.css HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 19:03:54 GMT
accept-ranges: bytes
etag: "0896424b48cd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 44464
X-Firefox-Spdy: h2

www.sccm.org/WebResource.axd?d=0watXEZJSNe_h8szJufL_oMy5atbSlW5Pyku23n3-GJf-e0wMncQU5j4iw_vLt7CwaiQUKgEaGMBSaSI0Ie1Dhc5BCY1&t=637814444020000000

52.237.132.233

200 OK

23 kB

URL HTTP/2
www.sccm.org/WebResource.axd?d=0watXEZJSNe_h8szJufL_oMy5atbSlW5Pyku23n3-GJf-e0wMncQU5j4iw_vLt7CwaiQUKgEaGMBSaSI0Ie1Dhc5BCY1&t=637814444020000000
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
23 kB (23063 bytes)
Hash
90ea7274f19755002360945d54c2a0d7
647b5d8bf7d119a2c97895363a07a0c6eb8cd284
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

HTTP Headers

GET /WebResource.axd?d=0watXEZJSNe_h8szJufL_oMy5atbSlW5Pyku23n3-GJf-e0wMncQU5j4iw_vLt7CwaiQUKgEaGMBSaSI0Ie1Dhc5BCY1&t=637814444020000000 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
expires: Tue, 03 Oct 2023 23:35:46 GMT
last-modified: Sat, 26 Feb 2022 09:53:22 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 23063
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sccm.org/ScriptResource.axd?d=f7eCaGv_vB1v2mZ8DDpU4hmSUHg9J-usIluOGZJv3y63MnXpelVB_nqsC6H98OlOdwHoqjOlctGanv797dXE6dEtaEBE0AjUEXLX3hnP71hrWoBa0&t=7c776dc1

52.237.132.233

200 OK

28 kB

URL HTTP/2
www.sccm.org/ScriptResource.axd?d=f7eCaGv_vB1v2mZ8DDpU4hmSUHg9J-usIluOGZJv3y63MnXpelVB_nqsC6H98OlOdwHoqjOlctGanv797dXE6dEtaEBE0AjUEXLX3hnP71hrWoBa0&t=7c776dc1
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65496), with CRLF line terminators
Size
28 kB (27722 bytes)
Hash
3f0ea208a73eaaf1859cde3c696e20c4
d9c149160c1a2bbe1b831d8ada57d5b8c5fe690a
edaaadfdb5e8afd621c8dbe906fbae8ac279d6240fee82056407d047a784b152

HTTP Headers

GET /ScriptResource.axd?d=f7eCaGv_vB1v2mZ8DDpU4hmSUHg9J-usIluOGZJv3y63MnXpelVB_nqsC6H98OlOdwHoqjOlctGanv797dXE6dEtaEBE0AjUEXLX3hnP71hrWoBa0&t=7c776dc1 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Wed, 04 Oct 2023 00:09:53 GMT
last-modified: Tue, 04 Oct 2022 00:09:53 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 27722
X-Firefox-Spdy: h2

www.sccm.org/ScriptResource.axd?d=8dtNVrOiLJeBU1Nx1tfToO-Z5nzxHYU2RW6vJWhZ6GmC6ET5OhTwzPBJVFw-6VckflQvPVoSyh_61A57TBR_wY8hOLXuG8ie3cXfredj-0HWGZHecqPB63VNqp4qyGkVBj1Dew2&t=7c776dc1

52.237.132.233

200 OK

9.9 kB

URL HTTP/2
www.sccm.org/ScriptResource.axd?d=8dtNVrOiLJeBU1Nx1tfToO-Z5nzxHYU2RW6vJWhZ6GmC6ET5OhTwzPBJVFw-6VckflQvPVoSyh_61A57TBR_wY8hOLXuG8ie3cXfredj-0HWGZHecqPB63VNqp4qyGkVBj1Dew2&t=7c776dc1
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (36408), with CRLF line terminators
Size
9.9 kB (9936 bytes)
Hash
54195abef605d73ad12ed4e8e9dcbf33
69fb139a5d0297f4ad4f1707cbfbde4d29235947
1efa484287745ab9554b1d16d6d0d29e2d836f2e13937579ce88669cca62726e

HTTP Headers

GET /ScriptResource.axd?d=8dtNVrOiLJeBU1Nx1tfToO-Z5nzxHYU2RW6vJWhZ6GmC6ET5OhTwzPBJVFw-6VckflQvPVoSyh_61A57TBR_wY8hOLXuG8ie3cXfredj-0HWGZHecqPB63VNqp4qyGkVBj1Dew2&t=7c776dc1 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Wed, 04 Oct 2023 00:09:53 GMT
last-modified: Tue, 04 Oct 2022 00:09:53 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 9936
X-Firefox-Spdy: h2

www.sccm.org/ScriptResource.axd?d=ACsN3dKiV-VMJHM6HKrNHNKEbb6eSVG7CvT8VuXLbhgkG5zYtcJYUq0rKPjKYWCwTNOJdTfvjoBjqQxNrU_a7-zCGM1eUsFF7mQwAENZ6eBfVza50&t=7c776dc1

52.237.132.233

200 OK

5.0 kB

URL HTTP/2
www.sccm.org/ScriptResource.axd?d=ACsN3dKiV-VMJHM6HKrNHNKEbb6eSVG7CvT8VuXLbhgkG5zYtcJYUq0rKPjKYWCwTNOJdTfvjoBjqQxNrU_a7-zCGM1eUsFF7mQwAENZ6eBfVza50&t=7c776dc1
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (18210), with CRLF line terminators
Size
5.0 kB (4998 bytes)
Hash
ab9dc64893b301e3d089f5fde89f0bd6
1a953ec3751f839ce695aaa1bd96306ad3b8f41d
913eead04b6d9a4fc6473dba8cd892ed5a5f84b169a2530eaf496db80a445806

HTTP Headers

GET /ScriptResource.axd?d=ACsN3dKiV-VMJHM6HKrNHNKEbb6eSVG7CvT8VuXLbhgkG5zYtcJYUq0rKPjKYWCwTNOJdTfvjoBjqQxNrU_a7-zCGM1eUsFF7mQwAENZ6eBfVza50&t=7c776dc1 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/javascript
content-encoding: gzip
expires: Wed, 04 Oct 2023 08:20:44 GMT
last-modified: Tue, 04 Oct 2022 08:20:44 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 4998
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TR3BK2T

142.250.74.168

200 OK

63 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TR3BK2T
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18938)
Size
63 kB (62919 bytes)
Hash
e59b8ff3dc9287cf2768ed96cdee29c6
b66f8167ff9986293f838d428d2fdaa290f91aef
85a984ce2cde1382c7f09c55d8b6d62c88fb3f1968fbf75f102de15830546c0a

HTTP Headers

GET /gtm.js?id=GTM-TR3BK2T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 11:54:13 GMT
expires: Tue, 04 Oct 2022 11:54:13 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.sccm.org/ScriptResource.axd?d=v5wHE0lqA55O0ag01YayvjPOeLe2WUJygB2xnqDPqgojnWAcW8eopkSrqE4rszaVfmkmh9qunBWGhSCDU692wNP9wGFIlJyQBGP9QaYG_vbNkfjAn2VoRwL2DjK5syRH6aw-Y9Zpzn2T3W5nWDspQ3NFjHI1&t=7c776dc1

52.237.132.233

200 OK

1.6 kB

URL HTTP/2
www.sccm.org/ScriptResource.axd?d=v5wHE0lqA55O0ag01YayvjPOeLe2WUJygB2xnqDPqgojnWAcW8eopkSrqE4rszaVfmkmh9qunBWGhSCDU692wNP9wGFIlJyQBGP9QaYG_vbNkfjAn2VoRwL2DjK5syRH6aw-Y9Zpzn2T3W5nWDspQ3NFjHI1&t=7c776dc1
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (6332), with CRLF line terminators
Size
1.6 kB (1562 bytes)
Hash
dd3bd35e9fbcb774056befc6b589b74a
56d9a09757efe8870afd513d42ec9b009bf7a30f
9ee7ac944c3d32111cfab82f688a28b340e69625fa47e472f778a8a11c73d2fa

HTTP Headers

GET /ScriptResource.axd?d=v5wHE0lqA55O0ag01YayvjPOeLe2WUJygB2xnqDPqgojnWAcW8eopkSrqE4rszaVfmkmh9qunBWGhSCDU692wNP9wGFIlJyQBGP9QaYG_vbNkfjAn2VoRwL2DjK5syRH6aw-Y9Zpzn2T3W5nWDspQ3NFjHI1&t=7c776dc1 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/javascript
content-encoding: gzip
expires: Tue, 03 Oct 2023 23:35:46 GMT
last-modified: Mon, 03 Oct 2022 23:35:46 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 1562
X-Firefox-Spdy: h2

www.sccm.org/CMSScripts/Custom/SCCMv2/jquery.min.js

52.237.132.233

200 OK

31 kB

URL HTTP/2
www.sccm.org/CMSScripts/Custom/SCCMv2/jquery.min.js
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65451)
Size
31 kB (30976 bytes)
Hash
01ed540a1edc0b1cae4b91ef5d576be3
0f4aa0ea331348a4c2bca0f3898dd681646455c4
da348028c4b581592016ee99ec4ee38cdaaac87d2c0317962c52c18a9338a101

HTTP Headers

GET /CMSScripts/Custom/SCCMv2/jquery.min.js HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:35:42 GMT
accept-ranges: bytes
etag: "06b826960c8d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 30976
X-Firefox-Spdy: h2

www.sccm.org/CMSScripts/Custom/SCCMv2/bootstrap.min.js

52.237.132.233

200 OK

15 kB

URL HTTP/2
www.sccm.org/CMSScripts/Custom/SCCMv2/bootstrap.min.js
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59765), with CRLF line terminators
Size
15 kB (14803 bytes)
Hash
c161b20a710992952f3c3cfbf9cd845f
425c2c8559821154564a02dc1b36a1245f7039c6
0299c7b6bfc0ac1b4ca41e542f930cdfa52a8c8aca9e1b4c3676adf8e5babe31

HTTP Headers

GET /CMSScripts/Custom/SCCMv2/bootstrap.min.js HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:35:42 GMT
accept-ranges: bytes
etag: "06b826960c8d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 14803
X-Firefox-Spdy: h2

www.sccm.org/CMSScripts/Custom/SCCMv2/mix.js

52.237.132.233

200 OK

27 kB

URL HTTP/2
www.sccm.org/CMSScripts/Custom/SCCMv2/mix.js
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (42862), with CRLF line terminators
Size
27 kB (27101 bytes)
Hash
5026fa85682eeb29290bead146b043d8
90ce62150f6746559be6902aab8afd46ae505cfb
c46daa718fe1626eedacf13f16d1cd532ebcb53af2ae2e1940f326526029f13e

HTTP Headers

GET /CMSScripts/Custom/SCCMv2/mix.js HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:35:42 GMT
accept-ranges: bytes
etag: "06b826960c8d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 27101
X-Firefox-Spdy: h2

www.sccm.org/CMSScripts/Custom/SCCMv2/main.js

52.237.132.233

200 OK

1.1 kB

URL HTTP/2
www.sccm.org/CMSScripts/Custom/SCCMv2/main.js
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
1.1 kB (1073 bytes)
Hash
48fa6ee6b969680933a1f82cab817103
8726c093abcafdc0a8ac5b3299b7b26fadbfbf5c
105f38bb15db128aeb46383e6f32f1558003cc78392174c282164d6f6e04a5ca

HTTP Headers

GET /CMSScripts/Custom/SCCMv2/main.js HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:35:42 GMT
accept-ranges: bytes
etag: "06b826960c8d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 1073
X-Firefox-Spdy: h2

www.sccm.org/sccm/media/SCCMv2/images/SCCM-Logo.png

52.237.132.233

200 OK

12 kB

URL HTTP/2
www.sccm.org/sccm/media/SCCMv2/images/SCCM-Logo.png
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 220 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11793 bytes)
Hash
a4c8293cc12213b20f2e2b68babf50d3
a278c83ea2b801fa8f77f3fa98968513715322b7
d0ebb23682714dc3e267887341eb702835db14225d614914e810e9cb845422d8

HTTP Headers

GET /sccm/media/SCCMv2/images/SCCM-Logo.png HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 14 Sep 2022 17:39:54 GMT
accept-ranges: bytes
etag: "1c9e1061c8d81:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 11793
X-Firefox-Spdy: h2

www.sccm.org/sccm/media/SCCMv2/images/GradientLinedBubble.svg

52.237.132.233

200 OK

1.3 kB

URL HTTP/2
www.sccm.org/sccm/media/SCCMv2/images/GradientLinedBubble.svg
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
1.3 kB (1309 bytes)
Hash
a2074d91fd3bb1eee3df5b5e7819ceef
e0279740ccd9346aaf0ecf0db7053ecfe09d5ad6
014a0aeae7fe07bc221a357b22050c670a230ba6fc6e9f2133744bc739cba011

HTTP Headers

GET /sccm/media/SCCMv2/images/GradientLinedBubble.svg HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 17:39:53 GMT
accept-ranges: bytes
etag: "751539ff60c8d81:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 1309
X-Firefox-Spdy: h2

www.sccm.org/sccm/media/SCCMv2/images/GradientLinedDoubleBubble.svg

52.237.132.233

200 OK

2.1 kB

URL HTTP/2
www.sccm.org/sccm/media/SCCMv2/images/GradientLinedDoubleBubble.svg
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1108)
Size
2.1 kB (2134 bytes)
Hash
64f82b4449d8fff9a728bdf0f272a196
cf83d8ca26633a44b1047237a7665cea476d941b
7ddae475a5798b25d95bcb14eae4986220c5c474e8fbbef3f7e9fcc2c9bbb882

HTTP Headers

GET /sccm/media/SCCMv2/images/GradientLinedDoubleBubble.svg HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 17:39:53 GMT
accept-ranges: bytes
etag: "9a9e32ff60c8d81:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 2134
X-Firefox-Spdy: h2

www.sccm.org/sccm/media/SCCMv2/images/GradientFilledBubbleGreen.svg

52.237.132.233

200 OK

517 B

URL HTTP/2
www.sccm.org/sccm/media/SCCMv2/images/GradientFilledBubbleGreen.svg
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
517 B (517 bytes)
Hash
00049f2c1bf2ddaded879631496bf898
5e71cb2365f5b07720cd4db414f1b3221a7e2140
d56cd9aabf1318b14e286f3fcab0229665f98b41bf2d4675adb0bd12a2af2600

HTTP Headers

GET /sccm/media/SCCMv2/images/GradientFilledBubbleGreen.svg HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 17:39:52 GMT
accept-ranges: bytes
etag: "3af217ff60c8d81:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 517
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Size
13 kB (13052 bytes)
Hash
7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sccm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:26:57 GMT
expires: Thu, 28 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 491237
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sccm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:26:57 GMT
expires: Thu, 28 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 491237
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Size
13 kB (12924 bytes)
Hash
4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sccm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:26:57 GMT
expires: Thu, 28 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 491237
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.sccm.org/sccm/media/SCCMv2/fonts/icomoon.ttf?v3

52.237.132.233

200 OK

5.3 kB

URL HTTP/2
www.sccm.org/sccm/media/SCCMv2/fonts/icomoon.ttf?v3
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
5.3 kB (5300 bytes)
Hash
842912113a5dd996d6ce552ae3410c3d
11a720f0bfea4ec0ac392ac7ff9db1f13340427b
efa286db398b5091763546e05547c987cef5fc5e97aec07887073b376658fa16

HTTP Headers

GET /sccm/media/SCCMv2/fonts/icomoon.ttf?v3 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/App_Themes/SCCMv2/sccmv2.css
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Wed, 14 Sep 2022 17:39:47 GMT
accept-ranges: bytes
etag: "77f9b9fb60c8d81:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:13 GMT
content-length: 5300
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
39f5ee5653ffa293a147a33f41965e99
7ba9c357e42cba75ff7be5de6b2b113a75403b1f
0e8d401c06e1d02f7fc943c1fc8be14472699a4221546fbdcf8e441d927cbee5

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:54:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 08 Oct 2022 07:42:48 GMT
ETag: "7ba9c357e42cba75ff7be5de6b2b113a75403b1f"
Last-Modified: Tue, 04 Oct 2022 07:42:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2396
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754db8bfabdab523-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3e1827cde19bf6a391e1b5b0ce97be46
3cfd5f2b60738dfd069552f5e83136e4648ef66b
4b5defe028614a14b1579cdcc33b73b283f9f27b2f5a8f12f54f64d69e8452cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B5DEFE028614A14B1579CDCC33B73B283F9F27B2F5A8F12F54F64D69E8452CB"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Tue, 04 Oct 2022 14:22:11 GMT
Date: Tue, 04 Oct 2022 11:54:14 GMT
Connection: keep-alive

sccm.informz.net/web_trk/sp.js

3.212.38.122

200 OK

27 kB

URL HTTP/2
sccm.informz.net/web_trk/sp.js
IP
3.212.38.122:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (62425), with CRLF, LF line terminators
Size
27 kB (27128 bytes)
Hash
61e9a934a370834e34f3e656be88119d
95101bb48bb854c10da45aba1553154fcbd4e534
c89681e9afbe0a42d340197102d5d09ee013c8b72b83ef432fd5b7dda6148165

HTTP Headers

GET /web_trk/sp.js HTTP/1.1
Host: sccm.informz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:14 GMT
content-type: application/javascript
content-length: 27128
set-cookie: AWSALBTG=524wJDT8LIeyPXTg0Jt7FbrAsN/wf+gg3G7Nz0ivqfESfKVKDFV/VBfNDrWqm968LY19OTtbbv3YyVovivfrmypU4tEmRUi5h8GgNgLICFdshma3Pz9HOX6Pi9kW88+cNifoKRB1TB5k3lEGP8X9Y1danyiVy8ZRE/STEbcf1gDRTO47aVY=; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/
AWSALBTGCORS=524wJDT8LIeyPXTg0Jt7FbrAsN/wf+gg3G7Nz0ivqfESfKVKDFV/VBfNDrWqm968LY19OTtbbv3YyVovivfrmypU4tEmRUi5h8GgNgLICFdshma3Pz9HOX6Pi9kW88+cNifoKRB1TB5k3lEGP8X9Y1danyiVy8ZRE/STEbcf1gDRTO47aVY=; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/; SameSite=None; Secure
AWSALB=TBEZt5gUb08Io1Hb76VMvD745b/MG8HlyMTTAjSIOKFLzGshki6nVREYbtfigE2lwUpoDwPcJMLFF8xAtC8853EgFVB2dHBRqHVUYgGBe41uVpAVGUdZQsKAgQ+H; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/
AWSALBCORS=TBEZt5gUb08Io1Hb76VMvD745b/MG8HlyMTTAjSIOKFLzGshki6nVREYbtfigE2lwUpoDwPcJMLFF8xAtC8853EgFVB2dHBRqHVUYgGBe41uVpAVGUdZQsKAgQ+H; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 19:57:10 GMT
accept-ranges: bytes
etag: "02fd1062ccd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

marco.feathr.co/v1/refresh

143.204.55.31

200 OK

43 B

URL HTTP/2
marco.feathr.co/v1/refresh
IP
143.204.55.31:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

HTTP Headers

GET /v1/refresh HTTP/1.1
Host: marco.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 04 Oct 2022 11:54:14 GMT
x-amzn-requestid: 13a6fd20-ac6a-43e8-856b-2f88db270bc1
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key
set-cookie: f_id=633c1ee67780780009253b07; Domain=.feathr.co; Path=/; Expires=Wed, 04 Oct 2023 11:54:14 GMT; SameSite=None; Secure; HttpOnly
x-amz-apigw-id: ZenEEHvAIAMFtNg=
access-control-allow-methods: *
x-amzn-trace-id: Root=1-633c1ee6-319f8b043ed2f38d7e7e77d3;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PWuUDz8T-Bx6CrGI9TDfa3TiYdpJTPmXS4ZDXuU2seXI7V0oNy4BMQ==
X-Firefox-Spdy: h2

polo.feathr.co/v1/accounts/61264f156e62b12358355a6b/integrations

34.198.183.83

200 OK

31 B

URL HTTP/2
polo.feathr.co/v1/accounts/61264f156e62b12358355a6b/integrations
IP
34.198.183.83:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
31 B (31 bytes)
Hash
b4e8a630470a9512c846504a5afd5a50
2bd1c0c5ab56bcb2b60db1cc7aafeff7f276d54f
559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de

HTTP Headers

GET /v1/accounts/61264f156e62b12358355a6b/integrations HTTP/1.1
Host: polo.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sccm.org
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.8
date: Tue, 04 Oct 2022 11:54:14 GMT
content-type: application/json
content-length: 31
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6912
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:54:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6912
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:54:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6912
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:54:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4858 bytes)
Hash
6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 50994
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8508 bytes)
Hash
515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wueU8yVJPql7JutY2H26gdjyBCPTeyX_sG9c5mNE-PS57lyMGftW2g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 08:27:48 GMT
age: 12386
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9917 bytes)
Hash
d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 50994
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5504 bytes)
Hash
6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 50981
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11955 bytes)
Hash
54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 50979
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4151 bytes)
Hash
24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 50994
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sccm.informz.net/web_trk/collector/?e=pv&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&page=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&tv=js-2.5.3&tna=infz&aid=61B9A0DE-789E-4AD0-9C8E-654C3FA7C835&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=855bd9c9-efe1-4b60-8157-e94404557073&dtm=1664884454126&vp=1280x939&ds=1268x1501&vid=1&sid=bb386a0c-061e-4d10-9845-fb5f8785b22f&duid=aeb3b65831f5308c&fp=1326250463

3.212.38.122

200 OK

130 B

URL HTTP/2
sccm.informz.net/web_trk/collector/?e=pv&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&page=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&tv=js-2.5.3&tna=infz&aid=61B9A0DE-789E-4AD0-9C8E-654C3FA7C835&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=855bd9c9-efe1-4b60-8157-e94404557073&dtm=1664884454126&vp=1280x939&ds=1268x1501&vid=1&sid=bb386a0c-061e-4d10-9845-fb5f8785b22f&duid=aeb3b65831f5308c&fp=1326250463
IP
3.212.38.122:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
130 B (130 bytes)
Hash
31c2485846793ea896a198f06eef0103
1ec7fb2f0cced8fc455900fd86f2341073eff1d2
55b3f9c816281a83e89790513d5fa1e8ee1b71b0194cda2da2822fcdef4a0c96

HTTP Headers

GET /web_trk/collector/?e=pv&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&page=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&tv=js-2.5.3&tna=infz&aid=61B9A0DE-789E-4AD0-9C8E-654C3FA7C835&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=855bd9c9-efe1-4b60-8157-e94404557073&dtm=1664884454126&vp=1280x939&ds=1268x1501&vid=1&sid=bb386a0c-061e-4d10-9845-fb5f8785b22f&duid=aeb3b65831f5308c&fp=1326250463 HTTP/1.1
Host: sccm.informz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sccm.org
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:14 GMT
content-type: text/plain; Charset=UTF-8
content-length: 130
set-cookie: AWSALBTG=SriJx1Bk3aSCWtQp+17JKDZhFxd5R13XDBVvjxXAY0rsMSySR6gUa7UCEtvQUxa9knTagM+zc5PLsT6dR2XCFi7kDm9rbwyDyDcBFSG+HrC1wUnTLPLW0pysf9VRE9cifxCkBb7b51nutLUZ6oj4B1Q9FmD3iwhKRmV96bz0A55ree97OYw=; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/
AWSALBTGCORS=SriJx1Bk3aSCWtQp+17JKDZhFxd5R13XDBVvjxXAY0rsMSySR6gUa7UCEtvQUxa9knTagM+zc5PLsT6dR2XCFi7kDm9rbwyDyDcBFSG+HrC1wUnTLPLW0pysf9VRE9cifxCkBb7b51nutLUZ6oj4B1Q9FmD3iwhKRmV96bz0A55ree97OYw=; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/; SameSite=None; Secure
AWSALB=8iK08KQREo7oIKJJtg4dJmt95BRk1mg6ruXAtCawRGiA442eHoQIay8g3HLXYti+jJm6JRxbcCdyUutu5+pgq/tfWPamraWu/emnhGqhWrKC2HQ52kc+lBarBkzM; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/
AWSALBCORS=8iK08KQREo7oIKJJtg4dJmt95BRk1mg6ruXAtCawRGiA442eHoQIay8g3HLXYti+jJm6JRxbcCdyUutu5+pgq/tfWPamraWu/emnhGqhWrKC2HQ52kc+lBarBkzM; Expires=Tue, 11 Oct 2022 11:54:14 GMT; Path=/; SameSite=None; Secure
ASPSESSIONIDAQRDRSSB=GEAGGGJBFGEMMIFJOBMAHLGF; path=/
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
access-control-allow-origin: *
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-XS16NXWSRG&gtm=2oe9s0&_p=2081718007&cid=1033626603.1664884454&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664884453&sct=1&seg=0&dl=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&dt=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-XS16NXWSRG&gtm=2oe9s0&_p=2081718007&cid=1033626603.1664884454&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664884453&sct=1&seg=0&dl=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&dt=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-XS16NXWSRG&gtm=2oe9s0&_p=2081718007&cid=1033626603.1664884454&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664884453&sct=1&seg=0&dl=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&dt=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sccm.org
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.sccm.org
date: Tue, 04 Oct 2022 11:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

polo.feathr.co/v1/accounts/61264f156e62b12358355a6b/pixel.js?pk=feathr

34.198.183.83

200 OK

32 B

URL HTTP/2
polo.feathr.co/v1/accounts/61264f156e62b12358355a6b/pixel.js?pk=feathr
IP
34.198.183.83:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
32 B (32 bytes)
Hash
9661451032832f869c969fbfcb85bc8b
a680f072c27e72a8dcc6ad56b53d5286b31ff875
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

HTTP Headers

GET /v1/accounts/61264f156e62b12358355a6b/pixel.js?pk=feathr HTTP/1.1
Host: polo.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Cookie: f_id=633c1ee67780780009253b07
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.8
date: Tue, 04 Oct 2022 11:54:15 GMT
content-type: text/javascript
content-length: 32
cache-control: must-revalidate, max-age=14400
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Last-Modified: Tue, 04 Oct 2022 10:07:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbds.js

31.13.72.12

200 OK

2.2 kB

URL HTTP/2
connect.facebook.net/en_US/fbds.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (2892)
Size
2.2 kB (2166 bytes)
Hash
4b194030dca0843261568186a20d8d59
00b80f0abc33f7aefc932bd732f4ee32d2b86e5c
e9f5f2e69468caac1ee5b7b48a122e2dea02e68c6e3cbb1426d0435aff7d5df6

HTTP Headers

GET /en_US/fbds.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ade36b31d08b2005b7162d85a6ca0a59
etag: "06b03b93818be906240bf8999e857f42"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 04 Oct 2022 12:06:39 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: SxlAMNyghDJhVoGGog2NWQ==
x-fb-debug: IXEujjz7F5ZJHL4mp75bk4NiS91m5nvW5DH7aRrtlGuoKlcZRf/6XI1h2uu78JAJiVsmt+FrpyE991QAcO/Sjg==
content-length: 2166
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 11:54:15 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 10:41:09 GMT
expires: Tue, 04 Oct 2022 12:41:09 GMT
cache-control: public, max-age=7200
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
age: 4386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57443), with no line terminators
Size
15 kB (15317 bytes)
Hash
1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Tue, 04 Oct 2022 11:54:15 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2

polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1664884454301

34.198.183.83

200 OK

15 kB

URL HTTP/2
polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1664884454301
IP
34.198.183.83:0
ASN
#14618 AMAZON-AES

File type
data
Size
15 kB (15341 bytes)
Hash
b00e5be34be43c31eef014d51faef5e9
4c50f843835a61934ae6ac78421bc80c2848314b
b22d053c25631bebfbfda3d6a5fbe1760816241beb38f503793d48d3746f46b4

HTTP Headers

GET /v1/analytics/match/script.js?pk=feathr&cb=1664884454301 HTTP/1.1
Host: polo.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Cookie: f_id=633c1ee67780780009253b07
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.8
date: Tue, 04 Oct 2022 11:54:15 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: no-cache, max-age=0
etag: W/"633c1ee67780780009253b07"
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Last-Modified: Tue, 04 Oct 2022 10:07:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
3683ad4f0e3e1aeebf9a23645e71818b
ac4e3cdc5473190ceb64325f1811de696d08f0d5
dd1e73bccc231896d4e1ee90eb07127167b1f076c6108ca57e103936b6ddc7ac

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:54:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 08 Oct 2022 10:12:14 GMT
ETag: "ac4e3cdc5473190ceb64325f1811de696d08f0d5"
Last-Modified: Tue, 04 Oct 2022 10:12:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1238
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754db8c59bc6b523-OSL

www.sccm.org/sccm/media/main/favicon.png

52.237.132.233

200 OK

27 kB

URL HTTP/2
www.sccm.org/sccm/media/main/favicon.png
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27059 bytes)
Hash
c5e7ed85fea05dd67474329fb66191f3
0cf41855e73a38f6c3abbc46a3125e460846fba1
a7e307e427d8c053b72d604240146137d4b4ef0b29aefab330ec3ad617035d18

HTTP Headers

GET /sccm/media/main/favicon.png HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz; _gcl_au=1.1.953754183.1664884454; feathr_session_id=633c1ee590e6a10535ae30d7; _ga_XS16NXWSRG=GS1.1.1664884453.1.0.1664884453.0.0.0; _ga=GA1.1.1033626603.1664884454; _sp_ses.9dbb=*; _sp_id.9dbb=aeb3b65831f5308c.1664884454.1.1664884454.1664884454.bb386a0c-061e-4d10-9845-fb5f8785b22f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 14 Sep 2022 17:39:41 GMT
accept-ranges: bytes
etag: "a92b46f860c8d81:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:14 GMT
content-length: 27059
X-Firefox-Spdy: h2

bcp.crwdcntrl.net/5/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM

52.18.161.218

302 Found

0 B

URL HTTP/2
bcp.crwdcntrl.net/5/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM
IP
52.18.161.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /5/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 04 Oct 2022 11:54:15 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.1.255
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=633c1ee67780780009253b07&gdpr=0

52.223.40.198

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=633c1ee67780780009253b07&gdpr=0
IP
52.223.40.198:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=633c1ee67780780009253b07&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
ea112afcbc5159581c7a2ab15f91d4b8
d4bc73c7ba1db71f58366b3f243b0c1fea9eac7b
56d1f4941f66992387fe5cd926e73414484810726724291a46e19441090933a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6443
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Last-Modified: Tue, 04 Oct 2022 10:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 312

t.co/i/adsct?bci=3&eci=2&event_id=84718c17-8a99-4455-b09f-fd499012989a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=add1a1aa-7486-4e59-9c30-2f7c3c060080&tw_document_href=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8jr6&type=javascript&version=2.3.27

104.244.42.197

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=84718c17-8a99-4455-b09f-fd499012989a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=add1a1aa-7486-4e59-9c30-2f7c3c060080&tw_document_href=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8jr6&type=javascript&version=2.3.27
IP
104.244.42.197:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=84718c17-8a99-4455-b09f-fd499012989a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=add1a1aa-7486-4e59-9c30-2f7c3c060080&tw_document_href=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8jr6&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:14 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=dd22cb29-6e7c-457b-9fa8-29c55b7604ee; Max-Age=63072000; Expires=Thu, 03 Oct 2024 11:54:15 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: e65fa03b04e84b81
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: 024ef7e8ea9fc0ebe7bd719cd0482c3c637a35a091e1edd66358ae48d89a5f10
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1464345823882898&ev=PixelInitialized&dl=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&rl=&if=false&ts=1664884454762

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1464345823882898&ev=PixelInitialized&dl=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&rl=&if=false&ts=1664884454762
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1464345823882898&ev=PixelInitialized&dl=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&rl=&if=false&ts=1664884454762 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 04 Oct 2022 11:54:15 GMT
X-Firefox-Spdy: h2

bcp.crwdcntrl.net/5/ct=y/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM

52.18.161.218

200 OK

49 B

URL HTTP/2
bcp.crwdcntrl.net/5/ct=y/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM
IP
52.18.161.218:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

HTTP Headers

GET /5/ct=y/c=12671/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sccm.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:15 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.26.0
x-consent: absent
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
57571803fbcccf1d8d3f64d1d59ad3be
9309dbdac73523157341a8aacafa931a8c7306f7
2cfc4c813b7ac4d3e9ac437fdac58c0c1f86ee330accc220be070996bdfe5e2e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6514
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Last-Modified: Tue, 04 Oct 2022 10:05:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313

googleads.g.doubleclick.net/pagead/viewthroughconversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&fmt=3&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1

142.250.74.98

200 OK

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&fmt=3&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&fmt=3&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 12:09:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
32be652382f93c4535e16dc151c08335
ce13a9725867ed7be99842ce18d0b7109beee158
afb4d5c4fa968c84747de14ee0e2556ac7273839ebdc962d6a419368d772d092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:54:15 GMT
Last-Modified: Tue, 04 Oct 2022 10:58:07 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _GNPueL34NE2zR45HjRqR69LPWL_2M913nUrk98Oyrkxsq7c4pWc-Q==
Age: 3368

www.google.no/pagead/1p-conversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0

142.250.74.3

200 OK

63 B

URL HTTP/2
www.google.no/pagead/1p-conversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/1056377521/?random=1664884454818&cv=9&fst=1664884454818&num=1&value=0&label=0X0ZCKODz9IBELGV3PcD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tiba=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&auid=953754183.1664884454&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sccm.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=84718c17-8a99-4455-b09f-fd499012989a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=add1a1aa-7486-4e59-9c30-2f7c3c060080&tw_document_href=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8jr6&type=javascript&version=2.3.27

104.244.42.67

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=84718c17-8a99-4455-b09f-fd499012989a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=add1a1aa-7486-4e59-9c30-2f7c3c060080&tw_document_href=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8jr6&type=javascript&version=2.3.27
IP
104.244.42.67:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=84718c17-8a99-4455-b09f-fd499012989a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=add1a1aa-7486-4e59-9c30-2f7c3c060080&tw_document_href=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8jr6&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:14 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_EarvfOyDryJ5RkNgFvBVhw=="; Max-Age=63072000; Expires=Thu, 03 Oct 2024 11:54:15 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 64c168a20916d317
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 15bb7ce38b643b100935a4b7952e57066c16b38106537c6320b6075d7a98ee58
X-Firefox-Spdy: h2

twin-iq.kickfire.com/twin.js?13716

34.208.31.23

200 OK

424 B

URL HTTP/2
twin-iq.kickfire.com/twin.js?13716
IP
34.208.31.23:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
424 B (424 bytes)
Hash
5bd1e8c855937dd99944ba4915d8f595
4e256c292e86a29cc05fea86f55740eddc607e6e
034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d

HTTP Headers

GET /twin.js?13716 HTTP/1.1
Host: twin-iq.kickfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:15 GMT
content-type: application/javascript
content-length: 424
server: Apache/2.4.52 ()
last-modified: Thu, 06 Jan 2022 20:12:30 GMT
etag: "1a8-5d4ef7d746e6f"
accept-ranges: bytes
x-frame-options: DENY
content-security-policy: frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

9289677.fls.doubleclick.net/activityi;src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip?

142.250.74.70

200 OK

359 B

URL HTTP/2
9289677.fls.doubleclick.net/activityi;src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (461), with no line terminators
Size
359 B (359 bytes)
Hash
778cf86245e84f334e33b606adf6668c
bf66d9793eea5e315fd14d8830c7175f90270852
05ccd1e7a73f315f6b4c050daa2523a05167c9120775a797f5541f2a78107665

HTTP Headers

GET /activityi;src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip? HTTP/1.1
Host: 9289677.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 359
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 12:09:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

10176109.fls.doubleclick.net/activityi;src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip?

142.250.74.70

200 OK

360 B

URL HTTP/2
10176109.fls.doubleclick.net/activityi;src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (460), with no line terminators
Size
360 B (360 bytes)
Hash
28dc62bc3e4f289c1d1c0aaedfd6e28e
890aa15a01e77f95075143303b89ae17129cd6ee
c7b71b0681be7d3d1771c0baf44a78ec9f99073398b7e64a348d47d4d8f09b31

HTTP Headers

GET /activityi;src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip? HTTP/1.1
Host: 10176109.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 360
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 12:09:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

twin-iq.kickfire.com/twin.php?TWIQ=13716&kftwiqpg=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&Hst=www.sccm.org&r=0.9449339135707483

34.208.31.23

200 OK

567 B

URL HTTP/2
twin-iq.kickfire.com/twin.php?TWIQ=13716&kftwiqpg=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&Hst=www.sccm.org&r=0.9449339135707483
IP
34.208.31.23:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
567 B (567 bytes)
Hash
fee8de95f32ef91a86b7e9c6f1e2d33e
4933c12a92390697f00bc9a16e051e7967284e7d
918ef9f58cd1f9d82e65e229fe6d3612c07e03c7ec3a12613c72633f0873104b

HTTP Headers

GET /twin.php?TWIQ=13716&kftwiqpg=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&Hst=www.sccm.org&r=0.9449339135707483 HTTP/1.1
Host: twin-iq.kickfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:16 GMT
content-type: image/png
server: Apache/2.4.52 ()
x-powered-by: PHP/7.2.34
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-frame-options: DENY
content-security-policy: frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip

142.250.74.34

200 OK

359 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (460), with no line terminators
Size
359 B (359 bytes)
Hash
890dd6f0aa94bf0e194085e27ea3237e
7f060d150007dbd12256437f68c2ddb28ef7fca2
068242f36b2c3140a55b0817568102a7dc6253e034db643b7fe6b32bb014b3f7

HTTP Headers

GET /ddm/fls/i/src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9289677.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip

142.250.74.34

200 OK

360 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (459), with no line terminators
Size
360 B (360 bytes)
Hash
59e329bc40915f3aee6da7b75e25e961
3e0a097bc798cbbfc2453c9da2f9063281ff4601
d64a5f544f40b567e822b499944841964b283871d632b5b9d3ac07e037c0dab7

HTTP Headers

GET /ddm/fls/i/src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10176109.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip

142.250.74.98

200 OK

177 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
177 B (177 bytes)
Hash
9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0

HTTP Headers

GET /ddm/fls/i/src=9289677;type=siter0;cat=siter001;ord=6218977867007;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:16 GMT
expires: Tue, 04 Oct 2022 11:54:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip

142.250.74.98

200 OK

177 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
177 B (177 bytes)
Hash
9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0

HTTP Headers

GET /ddm/fls/i/src=10176109;type=assoc0;cat=sccm-0;ord=5033700867810;gtm=2od9s0;auiddc=953754183.1664884454;~oref=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:54:16 GMT
expires: Tue, 04 Oct 2022 11:54:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
1cc2aa18969592cef74818d08ac2dc64
77af38bda9f772b23ffb48a47b8b8bd584bb5745
dded3d506e09e3f0c27e1af741036349d43a792aae4cc1532243c0955f8ed020

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 11:54:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 13:52:42 GMT
Expires: Tue, 04 Oct 2022 13:52:42 GMT
ETag: "77af38bda9f772b23ffb48a47b8b8bd584bb5745"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.rumiview.com/containers/c981446a-d8a9-4500-894e-cbb64bfabd5f.js

199.185.0.231

200 OK

60 kB

URL HTTP/1.1
www.rumiview.com/containers/c981446a-d8a9-4500-894e-cbb64bfabd5f.js
IP
199.185.0.231:0
ASN
#21592 MULTIVIEW

File type
Unicode text, UTF-8 text, with very long lines (32031)
Size
60 kB (60012 bytes)
Hash
11850d2da93afdf96ecf05d1c5ce2cd9
961889e5b5a2c802a9ddbd560095d6b029921225
c77ce62bd6def00a560c5d6abe4333c9e17ac5bfcd5c47d7cdf3277cd4005d37

HTTP Headers

GET /containers/c981446a-d8a9-4500-894e-cbb64bfabd5f.js HTTP/1.1
Host: www.rumiview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Tue, 04 Oct 2022 11:54:16 GMT
content-type: application/javascript; charset=utf-8
transfer-encoding: chunked
cache-control: public, must-revalidate, max-age=360
vary: Accept-Encoding, Accept-Encoding, Cookie
x-robots-tag: none
content-encoding: gzip

www.rumiview.com/ppms.js

199.185.0.231

200 OK

24 kB

URL HTTP/1.1
www.rumiview.com/ppms.js
IP
199.185.0.231:0
ASN
#21592 MULTIVIEW

File type
data
Size
24 kB (23901 bytes)
Hash
c9d7df0fac7477821d28595ad2bd36f1
4a7723baffc9d470c948923338012fe280e0c3b0
a75006830c6a8a90d3ddf7d1d06d5eff76ec3bce7d4d0c4b268459e7ad6752aa

HTTP Headers

GET /ppms.js HTTP/1.1
Host: www.rumiview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Tue, 04 Oct 2022 11:54:16 GMT
content-type: application/javascript
last-modified: Tue, 20 Jul 2021 10:53:42 GMT
transfer-encoding: chunked
vary: Accept-Encoding
etag: W/"60f6ab36-11bae"
expires: Tue, 04 Oct 2022 17:54:16 GMT
cache-control: max-age=21600
x-content-type-options: nosniff
content-encoding: gzip

www.rumiview.com/ppms.php?action_name=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&idsite=c981446a-d8a9-4500-894e-cbb64bfabd5f&rec=1&r=942040&h=11&m=54&s=16&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&_id=2c2fc97244f0ac8d&_idts=1664884456&_idvc=1&_idn=0&_viewts=1664884457&send_image=1&cookie=1&res=1280x1024&gt_ms=540&pv_id=tdZ51v

199.185.0.231

200 OK

43 B

URL HTTP/1.1
www.rumiview.com/ppms.php?action_name=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&idsite=c981446a-d8a9-4500-894e-cbb64bfabd5f&rec=1&r=942040&h=11&m=54&s=16&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&_id=2c2fc97244f0ac8d&_idts=1664884456&_idvc=1&_idn=0&_viewts=1664884457&send_image=1&cookie=1&res=1280x1024&gt_ms=540&pv_id=tdZ51v
IP
199.185.0.231:0
ASN
#21592 MULTIVIEW

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ppms.php?action_name=Society%20of%20Critical%20Care%20Medicine%20%7C%20SCCM&idsite=c981446a-d8a9-4500-894e-cbb64bfabd5f&rec=1&r=942040&h=11&m=54&s=16&url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&_id=2c2fc97244f0ac8d&_idts=1664884456&_idvc=1&_idn=0&_viewts=1664884457&send_image=1&cookie=1&res=1280x1024&gt_ms=540&pv_id=tdZ51v HTTP/1.1
Host: www.rumiview.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Tue, 04 Oct 2022 11:54:17 GMT
content-type: image/gif
content-length: 43
content-encoding: none

bcp.crwdcntrl.net/5/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr

52.18.161.218

302 Found

0 B

URL HTTP/2
bcp.crwdcntrl.net/5/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr
IP
52.18.161.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /5/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Tue, 04 Oct 2022 11:54:17 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.28.239
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2

bcp.crwdcntrl.net/5/ct=y/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr

52.18.161.218

200 OK

163 B

URL HTTP/2
bcp.crwdcntrl.net/5/ct=y/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr
IP
52.18.161.218:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
163 B (163 bytes)
Hash
c7ce5cdd8930792dd0e2d34df06032ba
7b545df8b9d1b10c3635a114ee95cd362f5658bf
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

HTTP Headers

GET /5/ct=y/c=12671/rand=477544860/pv=y/seg=17.33.84/seg=17.33.85/seg=17.33.86/seg=17.33.87/seg=17.33.88/seg=17.34.6/seg=17.34.7/seg=17.41.5/seg=17.41.18/seg=17.41.19/seg=17.41.32/seg=17.41.33/seg=17.41.34/seg=17.41.36/seg=17.41.37/seg=17.41.38/seg=SCCM/int=%23OpR%2382957%23www.sccm.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files/int=%23OpR%2382959%23www.sccm.org%20%3A%20Site%20Section%20%3A%20Files%20%3A%20setup/rt=ifr HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sccm.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:17 GMT
content-type: text/html;charset=utf-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.15.36
x-consent: absent
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2

polo.feathr.co/v1/analytics/crumb?cb=1664884458888&a_id=61264f156e62b12358355a6b&f_id=633c1ee67780780009253b07&ses_id=633c1ee590e6a10535ae30d7&flvr=page_view&loc_url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&s_w=1280&s_h=1024&b_w=1280&b_h=939&cust_params=e30=

34.198.183.83

200 OK

43 B

URL HTTP/2
polo.feathr.co/v1/analytics/crumb?cb=1664884458888&a_id=61264f156e62b12358355a6b&f_id=633c1ee67780780009253b07&ses_id=633c1ee590e6a10535ae30d7&flvr=page_view&loc_url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&s_w=1280&s_h=1024&b_w=1280&b_h=939&cust_params=e30=
IP
34.198.183.83:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

HTTP Headers

GET /v1/analytics/crumb?cb=1664884458888&a_id=61264f156e62b12358355a6b&f_id=633c1ee67780780009253b07&ses_id=633c1ee590e6a10535ae30d7&flvr=page_view&loc_url=https%3A%2F%2Fwww.sccm.org%2FFiles%2Fsetup.zip&s_w=1280&s_h=1024&b_w=1280&b_h=939&cust_params=e30= HTTP/1.1
Host: polo.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Cookie: f_id=633c1ee67780780009253b07
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.8
date: Tue, 04 Oct 2022 11:54:19 GMT
content-type: image/gif
content-length: 43
cache-control: max-age=0,no-cache,no-store
set-cookie: f_id=633c1ee67780780009253b07; Domain=.feathr.co; Expires=Wed, 04-Oct-2023 11:54:19 GMT; Secure; Path=/; SameSite=None
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

cdn.feathr.co/js/boomerang.min.js

172.67.159.92

200 OK

0 B

URL HTTP/2
cdn.feathr.co/js/boomerang.min.js
IP
172.67.159.92:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/boomerang.min.js HTTP/1.1
Host: cdn.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:54:14 GMT
content-type: text/javascript; charset=utf-8
x-amz-id-2: +mP7B+P4j5CXwhLM/ZjcQdd2HqxRz7Kv6koQCdsAxhxCaiyxOqE55Pb/Csf3yOcivpAFcFsmUTw=
x-amz-request-id: 2YZVYT7NB27JETP5
last-modified: Tue, 06 Sep 2022 19:13:33 GMT
etag: W/"1c3cc48d83e98f6354bdcb81989deafe"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isq7ANj4bMA8ZXbVhx68icX8Bm6d%2BiPiUdmUmhZgPSAugbZXOk4sCB01ZS0A2GVzYv3LiW7BE6jbxzIl1ew1uLbMjUbweBbh99piI5e94VA2bHC5jFjdr1pQBtQOjBSd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754db8bf3941b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.sccm.org/ScriptResource.axd?d=YEhAFQxkZxblJtr0E4G7Y_817BAVo92kIfg2xRpQZs5jbt3fybQ45XS-5MjSsdjGzwklgelVImCVS1wd_BBX3xcg5z4bg_i9zfA80h11gnBSz5i-7EqbYI_WS59v5rdYqHaIZA2&t=7c776dc1

52.237.132.233

200 OK

0 B

URL HTTP/2
www.sccm.org/ScriptResource.axd?d=YEhAFQxkZxblJtr0E4G7Y_817BAVo92kIfg2xRpQZs5jbt3fybQ45XS-5MjSsdjGzwklgelVImCVS1wd_BBX3xcg5z4bg_i9zfA80h11gnBSz5i-7EqbYI_WS59v5rdYqHaIZA2&t=7c776dc1
IP
52.237.132.233:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ScriptResource.axd?d=YEhAFQxkZxblJtr0E4G7Y_817BAVo92kIfg2xRpQZs5jbt3fybQ45XS-5MjSsdjGzwklgelVImCVS1wd_BBX3xcg5z4bg_i9zfA80h11gnBSz5i-7EqbYI_WS59v5rdYqHaIZA2&t=7c776dc1 HTTP/1.1
Host: www.sccm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/Files/setup.zip
Cookie: CMSPreferredCulture=en-US; CMSCsrfCookie=3bKoqLbM/vHcwDhvvtNkxXS1beX04OLozlTEIyfy; ASP.NET_SessionId=01m2wqr2tzml1cgwx4axyboz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/javascript
content-encoding: gzip
expires: Tue, 03 Oct 2023 23:35:46 GMT
last-modified: Mon, 03 Oct 2022 23:35:46 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 04 Oct 2022 11:54:12 GMT
content-length: 5646
X-Firefox-Spdy: h2

polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1664884454889

34.198.183.83

200 OK

0 B

URL HTTP/2
polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1664884454889
IP
34.198.183.83:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/analytics/match/script.js?pk=feathr&cb=1664884454889 HTTP/1.1
Host: polo.feathr.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Cookie: f_id=633c1ee67780780009253b07
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.8
date: Tue, 04 Oct 2022 11:54:15 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: no-cache, max-age=0
etag: W/"633c1ee67780780009253b07"
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-encoding: gzip
X-Firefox-Spdy: h2

tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671

54.230.111.122

200 OK

0 B

URL HTTP/2
tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
IP
54.230.111.122:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/12671/cc.js?ns=_cc12671 HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sccm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
date: Tue, 04 Oct 2022 02:44:08 GMT
last-modified: Tue, 04 Oct 2022 00:25:23 GMT
etag: W/"e26dc14e3772420eb25f71c12f0da49b"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rfOWZHaPIKFQ--WkR9VO5D9OEXhU3FZAmH3y7_iicocaJ-G-weJDTA==
age: 33008
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (47)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations