URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Submission: On September 26 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 52 HTTP transactions. The main IP is 52.202.41.93, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.jamf.com. The Cisco Umbrella rank of the primary domain is 120349.
TLS certificate: Issued by Amazon on April 1st 2022. Valid for: a year.
This is the only time www.jamf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 52.202.41.93 14618 (AMAZON-AES)
6 18.66.112.100 16509 (AMAZON-02)
3 13.32.99.40 16509 (AMAZON-02)
1 2600:9000:230... 16509 (AMAZON-02)
8 99.86.246.220 16509 (AMAZON-02)
1 34.197.248.129 14618 (AMAZON-AES)
2 92.123.8.217 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 192.28.147.68 15224 (OMNITURE)
2 34.215.194.110 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
52 14
Requests | Apex Domain | Subdomains | Transfer
31 | jamf.com | www.jamf.com (Cisco Umbrella Rank: 120349); resources.jamf.com (Cisco Umbrella Rank: 334667); media.jamf.com (Cisco Umbrella Rank: 374164) | 1 MB
8 | segment.com | cdn.segment.com (Cisco Umbrella Rank: 1475) | 67 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB
2 | segment.io | api.segment.io (Cisco Umbrella Rank: 1011) | 343 B
2 | marketo.net | munchkin.marketo.net (Cisco Umbrella Rank: 2665) | 6 KB
1 | google.de | www.google.de (Cisco Umbrella Rank: 6352) | 501 B
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 501 B
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 79) | 440 B
1 | mktoresp.com | 704-vyp-527.mktoresp.com (Cisco Umbrella Rank: 449739) | 318 B
1 | ipstack.com | api.ipstack.com (Cisco Umbrella Rank: 18231) | 1 KB
1 | cloudfront.net | d21y75miwcfqoq.cloudfront.net | 436 B
52 | 11
Domain Requested by
22 www.jamf.com www.jamf.com
8 cdn.segment.com www.jamf.com
cdn.segment.com
6 resources.jamf.com www.jamf.com
3 www.google-analytics.com cdn.segment.com
www.google-analytics.com
3 media.jamf.com www.jamf.com
2 api.segment.io cdn.segment.com
2 munchkin.marketo.net cdn.segment.com
munchkin.marketo.net
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 704-vyp-527.mktoresp.com munchkin.marketo.net
1 api.ipstack.com www.jamf.com
1 d21y75miwcfqoq.cloudfront.net www.jamf.com
52 13
Subject | Issuer | Validity | Valid
*.jamf.com | Amazon | 2022-04-01 - 2023-04-29 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.segment.com | Amazon | 2022-01-12 - 2023-02-10 | a year
apilayer.net | Amazon | 2021-09-10 - 2022-10-09 | a year
*.marketo.net | DigiCert SHA2 Secure Server CA | 2022-02-06 - 2023-02-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
*.mktoresp.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-30 - 2022-11-30 | a year
*.segment.io | Amazon | 2022-02-10 - 2023-03-11 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
www.google.de | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months

This page contains 1 frames:

Primary Page: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Frame ID: 0948E60579F2A6C90F7724FEA9C48666
Requests: 54 HTTP requests in this frame

Page Title

Mac Protection:New macOS malware ‘NukeSped’ detected and protected against JamfJamfJamf

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52 Requests
100 % HTTPS
38 % IPv6
11 Domains
13 Subdomains
14 IPs
5 Countries
1144 kB Transfer
3655 kB Size
11 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
161 KB
38 KB
Document
General
Full URL
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1ee72151418c1eae4b6c22c353bedcaacb348f245224654de44013f67c8fb3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
36913
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 22:03:21 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 26 Sep 2022 16:10:01 GMT
link
<https://hello.myfonts.net>; rel=dns-prefetch, <https://resources.jamf.com>; rel=dns-prefetch; preconnect, </css/main.css?v=20220923151414>; rel=preload; as=style, </js/jamf-critical.min.js?v=20220923151414>; rel=preload; as=script, <https://resources.jamf.com/type/proxima-nova-regular.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", <https://resources.jamf.com/type/proxima-nova-bold.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", <https://resources.jamf.com/type/jcon_6372353d58f40790101470a75b02ecf2.woff>; rel=preload; as=font; crossorigin; type="font/woff"
permissions-policy
interest-cohort=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
server
Apache/2.4.29 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
main.css
www.jamf.com/css/
510 KB
74 KB
Stylesheet
General
Full URL
https://www.jamf.com/css/main.css?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
62ba7d53c2957cb702045addda2e93fd2c5296f0199814fd36b3779952be0e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:07 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"7f984-5e95ddcab56c0-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
text/css
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
jamf-critical.min.js
www.jamf.com/js/
2 KB
2 KB
Script
General
Full URL
https://www.jamf.com/js/jamf-critical.min.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d0764256fb77a2b25b679bb50f275bb84cc474116dceccb90da936cfd4ecc928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:27 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"944-5e95ddddc83c0-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
1190
x-content-type-options
nosniff
proxima-nova-regular.woff2
resources.jamf.com/type/
33 KB
34 KB
Font
General
Full URL
https://resources.jamf.com/type/proxima-nova-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c51d95a70da69fdaf1d0b36d4fd9de081aa4df8c0c46740ee0323866682b302c

Request headers

Referer
https://www.jamf.com/
Origin
https://www.jamf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:14:01 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
age
1640961
x-cache
Hit from cloudfront
content-length
34165
last-modified
Wed, 13 Sep 2017 14:58:22 GMT
server
AmazonS3
etag
"df53d94ae188ffd9000420c38ddf895e"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
zU_pXaYtRWKAw2hO4T2Kw0OksaO51aQ2
access-control-allow-origin
https://www.jamf.com
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
Iy-yl03gP0By75-KTzWCoUelMcjtGBSkLnkfQxH_-uJx_v_BHFcPoQ==
proxima-nova-bold.woff2
resources.jamf.com/type/
33 KB
34 KB
Font
General
Full URL
https://resources.jamf.com/type/proxima-nova-bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
532336cd1e9ff5bd041c34b85d09503bf2182f9f73b1c6763220d5e621eefd7d

Request headers

Referer
https://www.jamf.com/
Origin
https://www.jamf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 01:04:35 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
age
1457927
x-cache
Hit from cloudfront
content-length
34256
last-modified
Wed, 13 Sep 2017 14:58:22 GMT
server
AmazonS3
etag
"417be9e72bae5f37eddfbc4bd938564f"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
FCWEvl9yzclfk7mwlcDg2sUTOdXBK8fz
access-control-allow-origin
https://www.jamf.com
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
nNoPnnoMMmGE3UyOvPurH9HjLTG0BLFd4iO2jvNSW-LmDVbVBYJvIg==
jcon_6372353d58f40790101470a75b02ecf2.woff
resources.jamf.com/type/
29 KB
30 KB
Font
General
Full URL
https://resources.jamf.com/type/jcon_6372353d58f40790101470a75b02ecf2.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67671093eef8d6a896a1bae9de4068642bbe8e3935cbf24c53dc310eed0aec0e

Request headers

Referer
https://www.jamf.com/
Origin
https://www.jamf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:21:29 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
age
2623313
x-cache
Hit from cloudfront
content-length
29836
last-modified
Tue, 02 Mar 2021 19:02:56 GMT
server
AmazonS3
etag
"f0ade86f102e931e7436583cfd79de64"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
4RZXApkHDW6rY4e6mFT1znfuUQwtGJ2C
access-control-allow-origin
https://www.jamf.com
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
font/woff
x-amz-cf-id
lMOpxRoyAYkspRM-qwjVndTdE-mYoUxjtd6F5_fCb8xK99OL72BeTg==
main.css
www.jamf.com/styles/
231 KB
25 KB
Stylesheet
General
Full URL
https://www.jamf.com/styles/main.css?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
152f76c3f61a2d95c921180c28a90bda3beb32c42f075a52381f0177ffa3bb04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:16:49 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"39a67-5e95ddb98ae40-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
text/css
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
25108
x-content-type-options
nosniff
typography-override.css
www.jamf.com/css/
151 KB
12 KB
Stylesheet
General
Full URL
https://www.jamf.com/css/typography-override.css?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
728aefd0ab275343b22c5250c812e9d696409ec67285262a1b5b8af582f6c320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:08 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"25bdf-5e95ddcba9900-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
text/css
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
11067
x-content-type-options
nosniff
jamf-button.js
www.jamf.com/js/webcomponents/nebula/
38 KB
10 KB
Script
General
Full URL
https://www.jamf.com/js/webcomponents/nebula/jamf-button.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
790d04bc004242670fe4909931ff8433f69620bd4b87879a3c2f11d1f20a7b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:14:26 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"98e4-5e95dd312ac80-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
9651
x-content-type-options
nosniff
jamf-icon.js
www.jamf.com/js/webcomponents/nebula/
35 KB
10 KB
Script
General
Full URL
https://www.jamf.com/js/webcomponents/nebula/jamf-icon.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2024f8a682cdb8eb3579fdff57575d3421804950cfcadda88a093398fc8ea7f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:14:26 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"8b12-5e95dd312ac80-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
9321
x-content-type-options
nosniff
jamf-script-editor.js
www.jamf.com/js/webcomponents/nebula/
62 KB
15 KB
Script
General
Full URL
https://www.jamf.com/js/webcomponents/nebula/jamf-script-editor.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
52b2c9f777cc2e1e51f74fdebcbed2af52e26774f25a0a6d138991e6202062d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:14:26 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"f914-5e95dd312ac80-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
14896
x-content-type-options
nosniff
webcomponents.js
www.jamf.com/scripts/
593 KB
168 KB
Script
General
Full URL
https://www.jamf.com/scripts/webcomponents.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3229c13dcf0fe824f9e23c82ebb371b738a9bf824793b4908201f9e0751368e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:16:49 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"945cd-5e95ddb98ae40-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
jquery.min.js
www.jamf.com/js/
87 KB
31 KB
Script
General
Full URL
https://www.jamf.com/js/jquery.min.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
cd2d359251224ba9e2d52ffa24ff57d11ffd8d67bad1670fac88e4cb03075d19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:38 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"15c75-5e95dde845c80-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
30899
x-content-type-options
nosniff
jquery-migrate.js
www.jamf.com/js/
25 KB
9 KB
Script
General
Full URL
https://www.jamf.com/js/jquery-migrate.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
597537332cb00282583636d9da6baff21ce798a8a6ed63ae2cbd3a6f88e83623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:14 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"62ff-5e95ddd162680-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
8144
x-content-type-options
nosniff
index.js
www.jamf.com/js/webcomponents/jamf-account/
117 KB
26 KB
Script
General
Full URL
https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e378d0dea92308aa4009f8e3387029c6302fa920706fc2f9b7838e9208f57318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:16:21 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"1d5f7-5e95dd9ed6f40-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
25690
x-content-type-options
nosniff
custom.js
www.jamf.com/scripts/
36 KB
8 KB
Script
General
Full URL
https://www.jamf.com/scripts/custom.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
109290971ae5e29949c01e6950e3ff93af81e92c4df0793f771567fa644a158e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:16:49 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"918a-5e95ddb98ae40-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
7749
x-content-type-options
nosniff
jamf-one-color-dark-for-print-css.svg
resources.jamf.com/images/logos/
1 KB
1 KB
Image
General
Full URL
https://resources.jamf.com/images/logos/jamf-one-color-dark-for-print-css.svg
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41ab5fe54178008304401cafcbd15e7028bc7bacd8d35bdc4426a825383f48db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
8qDxh1nyFEiPATU0peuHO.PIFUumQ8Y0
content-encoding
gzip
last-modified
Fri, 05 Oct 2018 18:53:57 GMT
server
AmazonS3
age
62679
etag
W/"55abc948af2b541a5847f4fd0768e026"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
date
Mon, 26 Sep 2022 20:11:27 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
1HjfGewZ3qGDXuG5mLoYPvMt6Rg2TrIfg7zMiMuLgrsozb27jKM2aA==
jamf-protect-nukesped.jpg
media.jamf.com/images/news/
70 KB
71 KB
Image
General
Full URL
https://media.jamf.com/images/news/jamf-protect-nukesped.jpg?q=80&w=1500
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59a98c7b28eb0eee77be336c69d19d65bdcd7e5ccc819ef3cd97d495d78553f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:24 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 18:32:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"f17de682daa581836d9cd80a9ab6bbbf"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
71956
x-amz-cf-id
cJFhmxkLFGkrY20oGhOuVCUT6YNcImfsNgdfMjvA-5ak4DyRTrB9jg==
jamf-research-team-ru-uk-cyber-findings.jpg
media.jamf.com/images/news/
30 KB
31 KB
Image
General
Full URL
https://media.jamf.com/images/news/jamf-research-team-ru-uk-cyber-findings.jpg?q=80&w=500
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
145a6fa1970a99ec5c4457f3e96f56149a60e1332808951c9bed71d55f06a17d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:23 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 16 Mar 2022 20:14:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"101021984636d9257d9bc431d0937667"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
30902
x-amz-cf-id
KHO_cs21v07lSbpuxJZ6KdtOPsRVtnIsEkJGTSTy25niT4YE8A3NLw==
what-is-jamf-threat-labs.jpg
media.jamf.com/images/news/
37 KB
37 KB
Image
General
Full URL
https://media.jamf.com/images/news/what-is-jamf-threat-labs.jpg?q=80&w=500
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c18aaa192a1ce53b8f4f5d89332dc4cdf3ec90a3ba7b12b8572e7504fc97275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:23 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 18:32:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"5c21f02cb02a4af396f530ba12ba95cc"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
37808
x-amz-cf-id
rf48O6ytJRXHBx9ABnABRxaUB7Pw_PGySTPNbqnlGSb7fg_ZcKrRFA==
vendors~jamf-dropdown-vendors.js
www.jamf.com/scripts/dep/
18 KB
7 KB
Script
General
Full URL
https://www.jamf.com/scripts/dep/vendors~jamf-dropdown-vendors.js
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/scripts/webcomponents.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6d444ef6c991190d067f7161f627b01004c785de1d21f500463c41448b7b112f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:16:49 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"4652-5e95ddb98ae40-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
6326
x-content-type-options
nosniff
vendors~jamf-script-editor-vendors.js
www.jamf.com/js/webcomponents/nebula/dep/
353 KB
112 KB
Script
General
Full URL
https://www.jamf.com/js/webcomponents/nebula/dep/vendors~jamf-script-editor-vendors.js
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/webcomponents/nebula/jamf-script-editor.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1be1147aa2b56a6b06f3ffc4f3c40f632501714ae1af7e7bdf4e88709b6493b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:14:26 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"58523-5e95dd312ac80-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
jamf-script-editor-vendors.js
www.jamf.com/js/webcomponents/nebula/dep/
320 B
1 KB
Script
General
Full URL
https://www.jamf.com/js/webcomponents/nebula/dep/jamf-script-editor-vendors.js
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/webcomponents/nebula/jamf-script-editor.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
76b8709268b15be6e2a86baee991bf50d363d2434309a47453c11868e4d45214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:14:26 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"140-5e95dd312ac80-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
213
x-content-type-options
nosniff
jcon_6372353d58f40790101470a75b02ecf2.woff2
resources.jamf.com/type/
24 KB
25 KB
Font
General
Full URL
https://resources.jamf.com/type/jcon_6372353d58f40790101470a75b02ecf2.woff2
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/css/main.css?v=20220923151414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
414be1cf7d1a22d082c3c58a8d5f1f32d1df213625f67e865d340f15eb7bf7f8

Request headers

Referer
https://www.jamf.com/
Origin
https://www.jamf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 05:57:03 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
age
2390780
x-cache
Hit from cloudfront
content-length
24836
last-modified
Tue, 02 Mar 2021 19:02:56 GMT
server
AmazonS3
etag
"d69debcb451a5876e1d9faa48422717f"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
0k2zna3QN9w7pnBlPP3QtYam9eaRghG0
access-control-allow-origin
https://www.jamf.com
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
zX5aiBsV1GW5UU_Xjm0NeFCYZcb0GidcEk119OEB-b-XdrEbKQJcAQ==
/
www.jamf.com/oauth/user/
2 B
871 B
Fetch
General
Full URL
https://www.jamf.com/oauth/user/
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.29 (Ubuntu)
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/json
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
2
x-content-type-options
nosniff
/
www.jamf.com/oauth/user/
2 B
869 B
Fetch
General
Full URL
https://www.jamf.com/oauth/user/
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.29 (Ubuntu)
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/json
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
2
x-content-type-options
nosniff
/
www.jamf.com/oauth/user/
2 B
867 B
Fetch
General
Full URL
https://www.jamf.com/oauth/user/
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.29 (Ubuntu)
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/json
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
2
x-content-type-options
nosniff
/
www.jamf.com/oauth/user/
2 B
870 B
Fetch
General
Full URL
https://www.jamf.com/oauth/user/
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.29 (Ubuntu)
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/json
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
2
x-content-type-options
nosniff
a26e7c0f
d21y75miwcfqoq.cloudfront.net/
68 B
436 B
Image
General
Full URL
https://d21y75miwcfqoq.cloudfront.net/a26e7c0f
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:5400:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 26 Sep 2022 22:03:23 GMT
via
1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
last-modified
Mon, 17 May 2021 18:46:15 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
etag
"91e42db1c66c0b276abf6234dc50b2eb"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
68
x-amz-cf-id
0Ncflutul1R2amPUaDf_CbqZYBrL3HLV1p-FVT5U1TZh2H2wvmfPsg==
jamf-non-critical.min.js
www.jamf.com/js/
635 KB
186 KB
Script
General
Full URL
https://www.jamf.com/js/jamf-non-critical.min.js?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e7781b76be779c9fffe27b84da85ca127f10ea6493118e06ee332113d6646994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:35 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"9ec2f-5e95dde5695c0-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
application/javascript
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
analytics.min.js
cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/
96 KB
26 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/jamf-non-critical.min.js?v=20220923151414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f96687954e926a069c16d1ff7e2c143f73f15c3a81cd54454140a1334a5ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
JUc7AsY3huG3Byx1YcqPQQN.2Jkp8TTo
content-encoding
br
etag
W/"9dcab8cc25199c6ea65caa50b37c6772"
age
3
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Wed, 31 Aug 2022 19:02:11 GMT
server
AmazonS3
date
Mon, 26 Sep 2022 22:03:21 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
mAlYgpMaEypwRGFUpRGYM2nX9YWmyt6PB477BupeRC-OuiFZ3-qbdA==
check
api.ipstack.com/
934 B
1 KB
Fetch
General
Full URL
https://api.ipstack.com/check?access_key=c2ccbccf2b204099044f23939be77673
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/jamf-non-critical.min.js?v=20220923151414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.248.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-248-129.compute-1.amazonaws.com
Software
/
Resource Hash
71aa243bf8b4a3ed466c3607f4e42e91caa4664611eb25ba65ca20a4e000bb9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:23 GMT
x-apilayer-transaction-id
d52221e7-a955-4930-b292-f4c42f884b26
transfer-encoding
chunked
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-request-time
0.028
x-quota-limit
2000000
access-control-allow-headers
*
x-increment-usage
1
x-quota-remaining
1259731
truncated
/
58 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/webp
print.css
www.jamf.com/css/
20 KB
6 KB
Stylesheet
General
Full URL
https://www.jamf.com/css/print.css?v=20220923151414
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/js/jquery.min.js?v=20220923151414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.41.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-41-93.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f572cf772d4301ef2844d0ba2941b0942ddfa9ecbe6c2b234c445648a9b9302c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/blog/nukesped-malware-a-dud-thanks-to-jamf-protect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:03:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Sep 2022 20:17:08 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"4ec1-5e95ddcba9900-gzip"
x-frame-options
SAMEORIGIN
report-to
{'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'}
content-type
text/css
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-security-policy-report-only
default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint
content-length
4960
x-content-type-options
nosniff
settings
cdn.segment.com/v1/projects/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/
2 KB
1 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d164033936740ce767a0036b2d3922ff50bd29ab30b57bd005f64656a0ddcc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
0PbSqBCMFCuaT30RMjymGieQtYQJAwrF
content-encoding
br
etag
W/"cee1418b5234b649853d535703405594"
age
4675
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 09 May 2022 21:01:36 GMT
server
AmazonS3
date
Mon, 26 Sep 2022 20:45:29 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
cache-control
public, max-age=10800
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
MkEj_ZfnRJ4OkKC9pJ7gGOZ4Y0b0q_3BOK2xfij32WbD5qQmBhNkDg==
870.bundle.323974846b6d45afb45e.js
cdn.segment.com/analytics-next/bundles/
17 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 01:39:40 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2665424
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 26 Aug 2022 03:04:21 GMT
server
AmazonS3
etag
W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
qltndKW7QqDrf8ZSZrei2HuGEvEC2x.O
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
VIE50-C1
content-type
application/javascript
x-amz-cf-id
zUtUB-NzYOQ_Q2q5eMib3y-wmw8UHJH4kYQbvtgrnaf7m-YVxrKCJQ==
ajs-destination.bundle.35a8f6f19959bf2f455f.js
cdn.segment.com/analytics-next/bundles/
10 KB
4 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 00:44:50 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2323114
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 30 Aug 2022 21:47:48 GMT
server
AmazonS3
etag
W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
VIE50-C1
content-type
application/javascript
x-amz-cf-id
352EWbVP455q7OXIwGzzzNOgvIYJocYn8IxmuIZhSYniieLaV6-6bg==
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 05:01:05 GMT
content-encoding
gzip
vary
Accept-Encoding
age
579739
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 20 Sep 2022 04:11:19 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Av4L57knpBWVXQ2LY3wI0QazLgotJtGS
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
VIE50-C1
content-type
application/javascript
x-amz-cf-id
_ukB2ojKGhMr_PRvxGn6uY-XXGRQJGwbl7VrSkBGVgltgini4-qKmA==
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/
16 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 03:36:00 GMT
content-encoding
gzip
age
239244
x-cache
Hit from cloudfront
content-length
4743
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 21:38:20 GMT
server
AmazonS3
etag
"36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
i7V8adpJC0v_FV6MGqES_PT759Yi.CDp
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
KBp_xkwqieQlqw3cXmTC2w4hgrk4jHFpun8WeSEhC3YOtKlXqq16PQ==
marketo.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/marketo/2.0.2/
3 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/marketo/2.0.2/marketo.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bc2e69e7ed55fe596e9bb67ec777f6440165cae4a06ef76212cc9e5ed5d761a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:55:41 GMT
content-encoding
gzip
age
259663
x-cache
Hit from cloudfront
content-length
1598
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 21:38:20 GMT
server
AmazonS3
etag
"c33f657f471dc2b99ecf4d1849a460bc"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
V1vZpMsXIz6ZPU7K79pPxXYgWuk2k0EF
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
dJQ_l5o4fdbzNk69Xg33WHoBq1gyW_qUjybip_t_R_LLHVvoXgbFdA==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
73 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-246-220.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 18:53:04 GMT
content-encoding
gzip
age
97820
x-cache
Hit from cloudfront
content-length
22177
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 21:38:18 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Z.cz1sApkVz0CAwS1aXBsP5bZXvNz24o
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WFBK_HgcsNH03Z13nBlVaL3s0R0mR6mmPGFiMrHqhUneh6iC4fkYzg==
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.8.217 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-8-217.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 22:03:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Sep 2022 01:18:39 GMT
Server
AkamaiNetStorage
ETag
"92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
728
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5752
date
Mon, 26 Sep 2022 20:27:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 26 Sep 2022 22:27:32 GMT
munchkin.js
munchkin.marketo.net/162/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/162/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.8.217 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-8-217.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 22:03:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 00:59:12 GMT
Server
AkamaiNetStorage
ETag
"75daf56f6191efe42577301908659c29:1656637152.894482"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4677
Expires
Wed, 04 Jan 2023 22:03:23 GMT
visitWebPage
704-vyp-527.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://704-vyp-527.mktoresp.com/webevents/visitWebPage?_mchNc=1664229803992&_mchCn=&_mchId=704-VYP-527&_mchTk=_mch-jamf.com-1664229803991-41586&_mchHo=www.jamf.com&_mchPo=&_mchRu=%2Fblog%2Fnukesped-malware-a-dud-thanks-to-jamf-protect%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 22:03:24 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
0372dfce-4436-4e85-b87a-88c72b6743b3
museo-slab-regular.woff2
resources.jamf.com/type/
39 KB
40 KB
Font
General
Full URL
https://resources.jamf.com/type/museo-slab-regular.woff2
Requested by
Host: www.jamf.com
URL: https://www.jamf.com/css/main.css?v=20220923151414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ae9ac6e8a07d68109d7f7cf0accaae7906bbdb687556f14aa043469d8fca50b

Request headers

Referer
https://www.jamf.com/
Origin
https://www.jamf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 05:54:34 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
age
2995731
x-cache
Hit from cloudfront
content-length
40363
last-modified
Wed, 13 Sep 2017 14:58:22 GMT
server
AmazonS3
etag
"f2987afe0d1edbb68faa0cd8f12698e7"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
H8GhlxcZHuztdbc4Zb5nl3olJHK2sfs0
access-control-allow-origin
https://www.jamf.com
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
gRr41_460Su5AyT5j-oIUD8WFcE2DhQDciDHIz7r7XMt17ek3jVxag==
p
api.segment.io/v1/
21 B
171 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.194.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-194-110.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.jamf.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.jamf.com
date
Mon, 26 Sep 2022 22:03:24 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
i
api.segment.io/v1/
21 B
172 B
Fetch
General
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.194.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-194-110.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.jamf.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.jamf.com
date
Mon, 26 Sep 2022 22:03:24 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 21:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 26 Sep 2022 22:10:41 GMT
collect
stats.g.doubleclick.net/j/
4 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-16025153-10&cid=1824471782.1664229804&jid=1754674435&gjid=1128900758&_gid=139485806.1664229804&_u=aGBAgEAjAAAAAE~&z=1936649136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.jamf.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Sep 2022 22:03:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.jamf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1619805960&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Fnukesped-malware-a-dud-thanks-to-jamf-protect%2F&dp=%2Fblog%2Fnukesped-malware-a-dud-thanks-to-jamf-protect%2F&ul=en-us&de=UTF-8&dt=Mac%20Protection%3ANew%20macOS%20malware%20%E2%80%98NukeSped%E2%80%99%20detected%20and%20protected%20against&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=1754674435&gjid=1128900758&cid=1824471782.1664229804&tid=UA-16025153-10&_gid=139485806.1664229804&z=1077044508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 01:33:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73774
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16025153-10&cid=1824471782.1664229804&jid=1754674435&_u=aGBAgEAjAAAAAE~&z=567570724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 22:03:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16025153-10&cid=1824471782.1664229804&jid=1754674435&_u=aGBAgEAjAAAAAE~&z=567570724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jamf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 22:03:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| jamfDesignSystemWebComponents object| webpackJsonpjamfDesignSystemWebComponents function| $ function| jQuery function| Cookies function| lazyLoadJavaScript function| lazyLoadAssets object| webpMachine function| MicrosoftIntune object| Toggler object| ConfigurationResolver number| videoScriptCounter number| videoAPIReadyCounter function| onYouTubeIframeAPIReady function| onVideoAPIReady object| playerServices object| videoPlayer function| validateMarketoCloneForm function| HideChat function| StateValidator function| ZipCodeValidator function| PartnerValidator function| JamfcloudInstanceValidator function| FormValidation function| SetSelectValue function| SearchSuggest object| FriendlyFormNavigator object| MarketoIdentify object| SegmentIpAnonymization function| UrlFacts function| gps function| GPSField object| GoogleMapsLoader object| GoogleMapsDataSimplifier object| GoogleMapsPlaceFieldAugmenter function| FormPrefill object| PropagateFeatureFlags function| GatedItem function| GatedDocument function| GatedVideo function| getURLParameter function| ContentLocalization object| geoip2 undefined| mountCookieConsent object| html object| WHATWGFetch function| ES6Promise object| webpHero function| _ object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| Retina function| RetinaImagePath function| RetinaImage object| analytics string| analyticsClientId function| humanizeDuration object| cookieconsent function| jnucSessionFilter object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| 
AnalyticsNext object| marketoDeps function| marketoLoader object| google-analyticsDeps function| google-analyticsLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| marketoIntegration function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| normalize function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| google_tag_data object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
www.jamf.com/ Name: exp_exp_csrf_token
Value: d4d4ef4bc01cb6edacb258d9cc539cd535547a3d
www.jamf.com/ Name: WWWBALANCEID
Value: aws.jamfweb-www-wa-1
www.jamf.com/ Name: AWSALB
Value: 9pet+g9oXYCzPh4pVdbhdq0Ba6y3SS/quKwE/CyH1e0HETIC5CVme5NzK8nEle8YjLcLvrrv4qmwY+zG2ppQ/m1l6JyM+NUKdfbN+DUhY7+NaTuV4oUHRRChYd8v
www.jamf.com/ Name: AWSALBCORS
Value: 9pet+g9oXYCzPh4pVdbhdq0Ba6y3SS/quKwE/CyH1e0HETIC5CVme5NzK8nEle8YjLcLvrrv4qmwY+zG2ppQ/m1l6JyM+NUKdfbN+DUhY7+NaTuV4oUHRRChYd8v
.jamf.com/ Name: _mkto_trk
Value: id:704-VYP-527&token:_mch-jamf.com-1664229803991-41586
.jamf.com/ Name: cookieconsent_country_code
Value: DE
.jamf.com/ Name: cookieconsent_initialized
Value: true
.jamf.com/ Name: ajs_anonymous_id
Value: 270b61f6-ca5f-49d9-ae4f-3111bcf2ed6b
.jamf.com/ Name: _ga
Value: GA1.2.1824471782.1664229804
.jamf.com/ Name: _gid
Value: GA1.2.139485806.1664229804
.jamf.com/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
