www.jamf.com Open in urlscan Pro
18.245.86.43  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
• https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

Request Chain 79

• https://platform.twitter.com/oct.js HTTP 301
• https://static.ads-twitter.com/oct.js

Request Chain 85

• https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3djamf.com%26pId%3d%24UID HTTP 302
• https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3djamf.com%26pId%3d%24UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253djamf.com%2526pId%253d%2524UID HTTP 302
• https://attr.ml-api.io/?domain=jamf.com&pId=820033417449681947

Request Chain 86

• https://insight.adsrvr.org/track/pxl/?adv=h4n1p31&ct=0:2biwice&fmt=3 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=N2NmMzYyMjQtYTEzYy00NTEwLThhZTYtNzkzODQzNGFjZGU1&gdpr=0&gdpr_consent=&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=N2NmMzYyMjQtYTEzYy00NTEwLThhZTYtNzkzODQzNGFjZGU1&gdpr=0&gdpr_consent=&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5&google_tc= HTTP 302
• https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5&google_gid=CAESEExpOXJHc2324ylEaoho_b0&google_cver=1 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7cf36224-a13c-4510-8ae6-7938434acde5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
• https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
• https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5 HTTP 302
• https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=820033417449681947&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5 HTTP 302
• https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
• https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expiration=1736647806&gdpr=0&gdpr_consent=

Request Chain 109

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37100%252C360601%26time%3D1734055804398%26li_adsId%3D4d7d5bae-9bf9-4c0f-8be1-4373268a3db4%26url%3Dhttps%253A%252F%252Fwww.jamf.com%252Fblog%252Ftcc-bypass-steals-data-from-icloud%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&cookiesTest=true&liSync=true

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/	147 KB 38 KB	480ms 203ms	Document text/html	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash ef319e159732d8d35fa31d94137e61b00fd6a72369cc4fd176b6f7a5986fa8d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 55534 cache-control max-age=0, s-maxage=2592000, must-revalidate content-encoding gzip content-length 37437 content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint content-type text/html; charset=UTF-8 date Thu, 12 Dec 2024 10:44:24 GMT expires Sat, 26 Jul 1997 05:00:00 GMT last-modified Thu, 12 Dec 2024 09:59:24 GMT link <https://hello.myfonts.net>; rel=dns-prefetch, <https://resources.jamf.com>; rel=dns-prefetch; preconnect, <https://media.jamf.com>; rel=dns-prefetch; preconnect, </css/main.css?v=20241211144436>; rel=preload; as=style, </js/jamf-critical.min.js?v=20241211144436>; rel=preload; as=script, <https://resources.jamf.com/type/inter-regular.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", <https://resources.jamf.com/type/inter-bold.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", <https://resources.jamf.com/type/jcon_6372353d58f40790101470a75b02ecf2.woff>; crossorigin; type="font/woff" pragma no-cache referrer-policy strict-origin-when-cross-origin report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} server Apache/2.4.41 (Ubuntu) strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) x-amz-cf-id XF7T_YLdu90XXjjLOSBqZ0iTKWpcWupTa-Liosjbaih9rNXyamxl9w== x-amz-cf-pop FRA60-P6 x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	main.css www.jamf.com/css/	507 KB 78 KB	158ms 151ms	Stylesheet text/css	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/css/main.css?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 489bc13e1f2604fbc285750c6bf3f8e1a21216accad820a579833bd6a08f6d3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "7ed02-62905162eb900-gzip" age 55538 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id aGLejrgI2rydjajpr0OGSZLr9wb5wjjKmf6GoUbKkMl5VsKLUISO6Q== date Thu, 12 Dec 2024 10:44:20 GMT content-type text/css vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:44 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-critical.min.js Show response www.jamf.com/js/	57 KB 19 KB	247ms 241ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 97ef8276c846141f6aad5f8d92a9e22ad4bde684417d848ff2468231a0d28245 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "e32a-6290516b80d40-gzip" age 55539 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id EgwcSaWHS9iuh21vRVOyyANbk0RnO_hmJ8tkqKolFe31GZBwMoIQyA== date Thu, 12 Dec 2024 10:44:19 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:53 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 18101 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	inter-regular.woff2 resources.jamf.com/type/	97 KB 97 KB	412ms 138ms	Font binary/octet-stream	18.66.122.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.jamf.com/type/inter-regular.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-118.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.jamf.com Referer https://www.jamf.com/ Response headers x-amz-version-id 1ksiNDA4ipkewgpNwjbRHarMQ_Elo44H etag "dc131113894217b5031000575d9de002" age 83118 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id Z6fIA9r_oQEcabaoLTcQCd3pB_ktyAGURExU68dF-i2RD4faKkCDZA== date Thu, 12 Dec 2024 03:06:34 GMT content-type binary/octet-stream vary Origin,accept-encoding last-modified Mon, 28 Oct 2024 11:56:30 GMT access-control-allow-credentials true via 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin https://www.jamf.com content-length 98868 x-amz-cf-pop FRA60-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	inter-bold.woff2 resources.jamf.com/type/	104 KB 104 KB	407ms 138ms	Font binary/octet-stream	18.66.122.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.jamf.com/type/inter-bold.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-118.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.jamf.com Referer https://www.jamf.com/ Response headers x-amz-version-id t61gLmYWO1OMb710YJsh6qtbteWCMj7U etag "444a7284663a3bc886683eb81450b294" age 79321 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id Ay7TYGYjHC8tMt6DfWDPsKgjUwnHegi3LplMeppXXYKMJxiuWhGr2A== date Thu, 12 Dec 2024 04:14:13 GMT content-type binary/octet-stream vary Origin,accept-encoding last-modified Mon, 28 Oct 2024 11:56:31 GMT access-control-allow-credentials true via 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin https://www.jamf.com content-length 106140 x-amz-cf-pop FRA60-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	22 KB 8 KB	251ms 89ms	Script application/javascript	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 UzmBk0Ra4K9he+CwjGKb/g== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DD1A2106D903F4 x-ms-lease-status unlocked age 54715 cf-cache-status HIT x-content-type-options nosniff expires Fri, 13 Dec 2024 10:58:04 GMT date Fri, 13 Dec 2024 02:09:59 GMT content-type application/javascript last-modified Wed, 11 Dec 2024 20:18:50 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id cf91a70e-c01e-0092-0347-4c043c000000 cf-ray 8f126a48c94dc222-TLV accept-ranges bytes access-control-allow-origin * content-length 7211 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	main.css www.jamf.com/styles/	509 KB 57 KB	210ms 208ms	Stylesheet text/css	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/styles/main.css?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 45f33dcc3a7779d216630c4e9ec020b87f0cb04b501af137b944102d03503787 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "7f42f-6290513fa25c0-gzip" age 55539 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id YQxSFGiCEP4E2avaoQ5jSRZw-erhppQ5zl4vAEYVbwGj0pfWKlJOog== date Thu, 12 Dec 2024 10:44:20 GMT content-type text/css vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:07 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 57173 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	typography-override.css www.jamf.com/css/	230 KB 17 KB	255ms 253ms	Stylesheet text/css	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/css/typography-override.css?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 8aad19047a1baccfde72afb9a6da90560930cad98ea057a3dbc4ed385385146b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "39757-62905163dfb40-gzip" age 55540 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id b6r_KQcx1ToxdbTMXomh4ftn6zBEVpcXvNWOMea11Vcr-M0jxtwf0w== date Thu, 12 Dec 2024 10:44:19 GMT content-type text/css vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:45 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 15797 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-button.js Show response www.jamf.com/js/webcomponents/nebula/	33 KB 10 KB	246ms 244ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/webcomponents/nebula/jamf-button.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash e2ee3847cb36f43851872639c0ef59358fe22ada8da9fccb2b4a79748d46cb12 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "8460-629050c778a40-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id duWAAogxAQBnCNWGNGNk-wocxL1I9EwQRZlNkAnuqKstvMpd9DLZrw== date Thu, 12 Dec 2024 10:44:55 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:12:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 9563 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-icon.js Show response www.jamf.com/js/webcomponents/nebula/	27 KB 10 KB	248ms 246ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/webcomponents/nebula/jamf-icon.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 92fa57c8cf4d7d618691b77843f29d486656309960eaeffe006ae3f4efdc9880 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "6afa-629050c778a40-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id yxfOph5E8FISEqnpZ2f3FC5nV1QF4J6y536X04SITEMpZNBscZDdxw== date Thu, 12 Dec 2024 10:44:55 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:12:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 9312 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	667.js Show response www.jamf.com/js/webcomponents/nebula/dep/	366 KB 115 KB	263ms 262ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/webcomponents/nebula/dep/667.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 6aced3f769540be1f364f060353f75f6af9a67c8bc623046886edc76693f5265 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "5b6a6-629050c778a40-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id rJ1FOMPld1jnYOhDD4qIv9V8MWyVxmot1l7Esy4x8UnPD20hDwiIWQ== date Thu, 12 Dec 2024 10:44:55 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:12:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-script-editor-vendors.js Show response www.jamf.com/js/webcomponents/nebula/dep/	376 B 1 KB	321ms 320ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/webcomponents/nebula/dep/jamf-script-editor-vendors.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash bc3c0c1453510e0a7374655ab8db5037b8105bd1bc8e5729eba1ff0ecc405d8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "178-629050c778a40-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id KvkQZlTwk1HElIlY4EAhCHraFmsjBHAaBiuq0B_AYumCVyJab5A_Tg== date Thu, 12 Dec 2024 10:44:55 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:12:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 253 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-script-editor.js Show response www.jamf.com/js/webcomponents/nebula/	55 KB 16 KB	388ms 386ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/webcomponents/nebula/jamf-script-editor.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash b35ca718fa41729e077ce5c0e5f1d3aab1efefa436ee7dc6ae2c6540c1916aa5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "dcbb-629050c778a40-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id pLhQEJ6ukEymfQre2neqx5GuUw457OPZHA477U5eist8wP9LdlGM6w== date Thu, 12 Dec 2024 10:44:55 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:12:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 14986 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	webcomponents.js Show response www.jamf.com/scripts/	612 KB 185 KB	328ms 326ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/scripts/webcomponents.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 2b4798c649a6d858bddffd1c21898b169e2a1b345ca9f120d8b4b8882242ea17 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "99131-6290513fa25c0-gzip" age 55540 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id zlFyfjCYBbHdByA5Mz0JOKJiL23P9gWOUMhymXqYDL-0E9BQDavdtw== date Thu, 12 Dec 2024 10:44:19 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:07 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jquery.min.js Show response www.jamf.com/js/	84 KB 31 KB	388ms 387ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/jquery.min.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 8623781aee9a8ab6681ce164e41a840dbaaa0c0f21525f4c70d017f5a8c14089 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "150f4-6290516e5d400-gzip" age 55539 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 3bAL2yCQ1lADkCTh5z3wdKNFBJJmS_cNB0qF9xe-bXFGJCVtlL-GLg== date Thu, 12 Dec 2024 10:44:20 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:56 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 30309 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	index.js Show response www.jamf.com/js/webcomponents/jamf-account/	233 KB 44 KB	136ms 136ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash df1539bcfb67c9da81ee9f5c029921a09e63fb309fa4baf83942eed451f902c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "3a5dd-6288b7d0049c0-gzip" age 55539 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id xSHwLJR4GTF1tW6Bv28ltCDNDfGouiLyTsBtU4lJWYp-E47kQd3Ziw== date Thu, 12 Dec 2024 10:44:20 GMT content-type application/javascript vary Accept-Encoding last-modified Thu, 05 Dec 2024 20:10:23 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 44329 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	custom.js Show response www.jamf.com/scripts/	53 KB 11 KB	147ms 146ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/scripts/custom.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash e2915270b792366b4d2374403acc5a0dc6657f2d6c52478d172578be13bdeeb0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "d535-6290513fa25c0-gzip" age 55539 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 65zTyFFdJf46EZF47H4D2Vrd89_xZPT1r91BVO8DbdUdFKErRj5c8A== date Thu, 12 Dec 2024 10:44:20 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:07 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 9969 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-one-color-dark-for-print-css.svg media.jamf.com/images/logos/	1 KB 1 KB	613ms 322ms	Image image/svg+xml	65.9.66.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.jamf.com/images/logos/jamf-one-color-dark-for-print-css.svg Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-50.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 41ab5fe54178008304401cafcbd15e7028bc7bacd8d35bdc4426a825383f48db Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers x-amz-cf-pop FRA56-C1 content-encoding gzip x-amz-version-id 8qDxh1nyFEiPATU0peuHO.PIFUumQ8Y0 etag W/"55abc948af2b541a5847f4fd0768e026" age 77042 via 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id FNIyCmdEYgjZoOS9RjfxP5BffO8c10hWJE8DP6FHPMEI8awIneogDQ== date Thu, 12 Dec 2024 04:48:28 GMT content-type image/svg+xml vary Accept-Encoding server AmazonS3 last-modified Fri, 05 Oct 2018 18:53:57 GMT
GET H2	200	jtl-analyzing-cve-2024-44131.webp media.jamf.com/images/news/	103 KB 104 KB	404ms 156ms	Image application/octet-stream	65.9.66.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.jamf.com/images/news/jtl-analyzing-cve-2024-44131.webp?q=80&w=1600 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-50.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1745294ae6654181b2ebdc79dea7d78ceaab5e1261e1a1de7d88b5e8aa20a755 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers vary Accept-Encoding x-amz-version-id ea9tkUgA6tE8DH9Z3Y785QnzSHF7Do0h etag "6219b2e8c414d6402ae7271b7373d64a" age 47490 via 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 105633 x-amz-cf-id aPfSlQqhu507cvA2O2SLjkLlxHV39ha6HcBWQDXKdeWyOgXb73hQbQ== date Thu, 12 Dec 2024 12:58:30 GMT content-type application/octet-stream last-modified Wed, 04 Dec 2024 18:16:51 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256
GET H2	200	04476c69-b922-4867-acbd-5a218f8ceb7e.json Show response cdn.cookielaw.org/consent/04476c69-b922-4867-acbd-5a218f8ceb7e/	7 KB 2 KB	259ms 93ms	XHR application/json	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/04476c69-b922-4867-acbd-5a218f8ceb7e/04476c69-b922-4867-acbd-5a218f8ceb7e.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b4f795b7effc56efe74e77d28c7c0f6a14c4cb6d90218e87ccfba8059b42097 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 4Lj6+AP1BV6P71wmiATYVw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status HIT etag 0x8DC8194616F7F93 age 69360 x-ms-lease-status unlocked x-content-type-options nosniff x-ms-version 2009-09-19 expires Sat, 14 Dec 2024 02:09:59 GMT date Fri, 13 Dec 2024 02:09:59 GMT content-type application/json last-modified Fri, 31 May 2024 17:09:06 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 0015aa83-301e-00e1-344c-2674ff000000 cf-ray 8f126a4abe8dc233-TLV accept-ranges bytes access-control-allow-origin * content-length 1937 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/	106 KB 30 KB	495ms 197ms	Script text/javascript	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash d8e541b69aade8e0dd13ebb194265feede335476a0cfdab69a373e968497be9c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding br x-amz-version-id RQTkpM_ilcWGycgdovK.vtj8R.LtIhUv etag W/"828033cf257d916a4aa2301fe1649930" age 115 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id TmrnuqiqjrwtiKrfczsSDnGhXPAzrx4wO0V3liihXtnssAcGHRUmyg== date Fri, 13 Dec 2024 02:08:05 GMT content-type text/javascript; charset=utf-8 vary accept-encoding last-modified Wed, 13 Nov 2024 18:39:12 GMT x-amz-replication-status COMPLETED cache-control public, max-age=120 via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	vendors~jamf-dropdown-vendors.js Show response www.jamf.com/scripts/dep/	18 KB 7 KB	137ms 136ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/scripts/dep/vendors~jamf-dropdown-vendors.js Requested by Host: www.jamf.com URL: https://www.jamf.com/scripts/webcomponents.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 6d444ef6c991190d067f7161f627b01004c785de1d21f500463c41448b7b112f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "4652-6290513fa25c0-gzip" age 55545 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id b_k_LAk18xLtCM3MgfFPelXXgLuP2v2XuWpeRWjzZeB2yIn9VLXb4w== date Thu, 12 Dec 2024 10:44:14 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:07 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 6326 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	inter-regular.woff2 resources.jamf.com/type/	97 KB 0	16ms 16ms	Font binary/octet-stream	18.66.122.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.jamf.com/type/inter-regular.woff2 Requested by Host: www.jamf.com URL: https://www.jamf.com/css/main.css?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-118.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.jamf.com Referer https://www.jamf.com/ Response headers x-amz-version-id 1ksiNDA4ipkewgpNwjbRHarMQ_Elo44H etag "dc131113894217b5031000575d9de002" age 83118 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id Z6fIA9r_oQEcabaoLTcQCd3pB_ktyAGURExU68dF-i2RD4faKkCDZA== date Thu, 12 Dec 2024 03:06:34 GMT content-type binary/octet-stream vary Origin,accept-encoding last-modified Mon, 28 Oct 2024 11:56:30 GMT access-control-allow-credentials true via 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin https://www.jamf.com content-length 98868 x-amz-cf-pop FRA60-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	inter-bold.woff2 resources.jamf.com/type/	104 KB 0	0ms 0ms	Font binary/octet-stream	18.66.122.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.jamf.com/type/inter-bold.woff2 Requested by Host: www.jamf.com URL: https://www.jamf.com/css/main.css?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-118.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.jamf.com Referer https://www.jamf.com/ Response headers x-amz-version-id t61gLmYWO1OMb710YJsh6qtbteWCMj7U etag "444a7284663a3bc886683eb81450b294" age 79321 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id Ay7TYGYjHC8tMt6DfWDPsKgjUwnHegi3LplMeppXXYKMJxiuWhGr2A== date Thu, 12 Dec 2024 04:14:13 GMT content-type binary/octet-stream vary Origin,accept-encoding last-modified Mon, 28 Oct 2024 11:56:31 GMT access-control-allow-credentials true via 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin https://www.jamf.com content-length 106140 x-amz-cf-pop FRA60-P2 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	69 B 321 B	247ms 91ms	XHR application/json	172.64.155.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 accept application/json Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip access-control-allow-methods GET, OPTIONS cf-ray 8f126a4d48e0c21f-TLV access-control-allow-origin * date Fri, 13 Dec 2024 02:09:59 GMT content-type application/json vary Accept-Encoding server cloudflare access-control-allow-headers Content-Type
GET H2	200	/ Show response www.jamf.com/auth0/user/	2 B 1 KB	422ms 421ms	Fetch application/json	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/auth0/user/ Requested by Host: www.jamf.com URL: https://www.jamf.com/js/webcomponents/jamf-account/index.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers x-robots-tag noindex report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff expires Thu, 19 Nov 1981 08:52:00 GMT x-cache Miss from cloudfront x-amz-cf-id ej4O2HDixczzywDLpt165i-e0fvjjugZFv62JpM2i3q87-n80sEn4Q== date Fri, 13 Dec 2024 02:10:00 GMT content-type application/json x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=0, no-cache pragma no-cache referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint content-length 2 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jcon_6372353d58f40790101470a75b02ecf2.woff2 resources.jamf.com/type/	24 KB 25 KB	125ms 125ms	Font font/woff2	18.66.122.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.jamf.com/type/jcon_6372353d58f40790101470a75b02ecf2.woff2 Requested by Host: www.jamf.com URL: https://www.jamf.com/css/main.css?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-118.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 414be1cf7d1a22d082c3c58a8d5f1f32d1df213625f67e865d340f15eb7bf7f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.jamf.com Referer https://www.jamf.com/ Response headers etag "d69debcb451a5876e1d9faa48422717f" x-amz-version-id 0k2zna3QN9w7pnBlPP3QtYam9eaRghG0 age 7332618 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id Ec8xeSHpCwz01N9M_32tqW_GVyHKK3koC16DG81pqxlXErtf31mf9Q== date Thu, 19 Sep 2024 05:19:43 GMT content-type font/woff2 last-modified Tue, 02 Mar 2021 19:02:56 GMT vary Origin cache-control max-age=31536000 access-control-allow-credentials true via 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin https://www.jamf.com content-length 24836 x-amz-cf-pop FRA60-P2 server AmazonS3
GET H2	200	a26e7c0f d21y75miwcfqoq.cloudfront.net/	68 B 455 B	833ms 560ms	Image image/png	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d21y75miwcfqoq.cloudfront.net/a26e7c0f Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers cache-control no-cache, no-store x-amz-version-id null etag "91e42db1c66c0b276abf6234dc50b2eb" via 1.1 16cea8ae3ccd098a5d0b3b2c45b25a84.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 68 x-amz-cf-id i_8KgsCGsHSxcluIE90RdTCrehX7DUkLL_xE7hvWYfCOmQ0svddBJw== date Fri, 13 Dec 2024 02:10:01 GMT content-type image/png last-modified Mon, 17 May 2021 18:46:15 GMT server AmazonS3 x-amz-cf-pop FRA56-P9 x-amz-server-side-encryption AES256
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202312.1.0/	428 KB 104 KB	82ms 82ms	Script application/javascript	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df54c069da584ec929d42161c8fd19e74c7f408d70e6e7e0f8d27cc9c02a0ad9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 omr+ywUvfLiKRTWN9kGq4A== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5D5D2845E0F x-ms-lease-status unlocked cf-cache-status HIT age 54516 x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:00 GMT content-type application/javascript last-modified Tue, 16 Jul 2024 20:28:15 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 7920d373-001e-00a6-77cb-37ab94000000 cf-ray 8f126a4edd00c222-TLV accept-ranges bytes access-control-allow-origin * content-length 106367 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	settings Show response cdn.segment.com/v1/projects/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/	1 KB 1 KB	403ms 134ms	Fetch application/json	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/settings Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash edf300e63aff62c2c7d646a771f604b6306926da1991bed6ed69581bd28812b2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding gzip x-amz-version-id nGskojxTZ9cAl3c2G_9vRI7_hX0OMdHj etag W/"4cadbb744b7a4c286829ce2222d8a152" age 5619 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id xv1DBm7951VuLmYOZKvCdcmq-QTmEmvs2FaMtSVTfxxoL9AYsnwmbg== date Fri, 13 Dec 2024 01:20:35 GMT content-type application/json; charset=utf-8 vary accept-encoding last-modified Wed, 13 Nov 2024 18:39:14 GMT x-amz-replication-status COMPLETED cache-control public, max-age=10800 via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	en.json Show response cdn.cookielaw.org/consent/04476c69-b922-4867-acbd-5a218f8ceb7e/018e7697-1b6f-7ab6-a91c-ced065d26977/	150 KB 28 KB	94ms 93ms	Fetch application/json	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/04476c69-b922-4867-acbd-5a218f8ceb7e/018e7697-1b6f-7ab6-a91c-ced065d26977/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec1c243614ef6cb680f84299b83db39ada977651f32ddcac9bb33806901de254 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 +YvQy++U7fawooUMIQIzlg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status HIT etag 0x8DC81946D7A09FE age 73580 x-ms-lease-status unlocked x-content-type-options nosniff x-ms-version 2009-09-19 expires Sat, 14 Dec 2024 02:10:00 GMT date Fri, 13 Dec 2024 02:10:00 GMT content-type application/json last-modified Fri, 31 May 2024 17:09:27 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 6e57b6e6-a01e-00a0-2af0-2e5cec000000 cf-ray 8f126a5089e6c233-TLV accept-ranges bytes access-control-allow-origin * content-length 28191 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	132ms 131ms	Script application/javascript	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding br etag W/"00e9c65cbba11c07c4bf4a6e2727b8ea" x-amz-version-id 7HrcoEDii4CJjqNCahwryaG4L.vk9kns age 7356149 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id 2FNw6C3sBFTV_mzWRyhUnHBmhQBEWbJeXXl4KTT3J26V_AvJi7DgrA== date Wed, 18 Sep 2024 22:47:32 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 18 Sep 2024 22:21:40 GMT x-amz-replication-status COMPLETED cache-control public,max-age=31536000,immutable via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	otCenterRounded.json Show response cdn.cookielaw.org/scripttemplates/202312.1.0/assets/	9 KB 3 KB	86ms 86ms	Fetch application/json	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCenterRounded.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 LGA9RbysmTnHm69WIhZ6SQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5D5CDF5EB98 x-ms-lease-status unlocked cf-cache-status HIT age 73579 x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:00 GMT content-type application/json last-modified Tue, 16 Jul 2024 20:28:08 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 26a3040c-c01e-0099-6381-d81c48000000 cf-ray 8f126a51aa99c233-TLV accept-ranges bytes access-control-allow-origin * content-length 2626 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/	62 KB 13 KB	167ms 166ms	Fetch application/json	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 KChx+n8xgg81I5yxMVql3g== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5D5CECDCCB6 x-ms-lease-status unlocked cf-cache-status HIT x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:00 GMT content-type application/json last-modified Tue, 16 Jul 2024 20:28:09 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id b673050e-101e-0075-3cc4-471431000000 cf-ray 8f126a51aa9dc233-TLV accept-ranges bytes access-control-allow-origin * content-length 12700 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202312.1.0/assets/	21 KB 4 KB	86ms 86ms	Fetch text/css	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29733ca80fad429eb7e4bb7f028cd176d9ee5a5427d09caec143e5030cb1005f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 c7xAZ9MSGAobGaTYg/Qtag== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-lease-status unlocked cf-bgj minify cf-cache-status HIT x-ms-version 2009-09-19 age 73579 content-encoding gzip x-content-type-options nosniff cf-polished origSize=21778 date Fri, 13 Dec 2024 02:10:00 GMT content-type text/css last-modified Tue, 16 Jul 2024 20:28:20 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 1008c286-101e-0090-27c9-e906c6000000 cf-ray 8f126a51aa9ec233-TLV access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	131ms 131ms	Script application/javascript	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding br etag W/"3867b2388b619ff7fddc29ef359fc9aa" x-amz-version-id u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8 age 7520310 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id 0Z6ucWf7iKt7SWDMVhQBCs1fZWsiiXqOPlYVjykYc9AbKDGCsYZmdQ== date Tue, 17 Sep 2024 01:11:31 GMT content-type application/javascript vary Accept-Encoding last-modified Mon, 16 Sep 2024 16:03:18 GMT x-amz-replication-status COMPLETED cache-control public,max-age=31536000,immutable via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 490 B	85ms 85ms	Fetch image/svg+xml	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 tXyZydHjxQshFMbbBT1/8A== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 73579 content-encoding gzip x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:00 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 04:55:22 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 42f57e68-d01e-00af-5a94-4bb11a000000 cf-ray 8f126a52eb46c233-TLV access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	integrations Show response cdn.segment.com/v1/projects/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/	525 B 1 KB	135ms 134ms	Fetch application/json	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/integrations Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 69a42e6ee3289c1e8d0cb1499ea9942eff8c94605f453ed5ef212bfc2424e04c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 x-amz-version-id KZlz_nJexfqlicpZvoGZBmn_RP230j7Y etag "569c80ba1996b9776cb971c11c2cb1ce" age 6052 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id jqxbEFeszQgdhWoBmKetu4iHZo5BBVDmFRInihQQu6Kny7iyPJdUZg== date Fri, 13 Dec 2024 00:30:34 GMT content-type application/json; charset=utf-8 vary accept-encoding last-modified Tue, 01 Oct 2024 15:16:53 GMT x-amz-replication-status COMPLETED cache-control public, max-age=10800 via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 525 x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	Jamf-color.png cdn.cookielaw.org/logos/d94b466b-3228-4486-adf9-a106deb779b6/92788111-22cb-41df-8384-4c38e1ae5d2e/30421ff3-22c0-4b8f-95f7-c030e842df53/	7 KB 8 KB	84ms 83ms	Image image/png	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/d94b466b-3228-4486-adf9-a106deb779b6/92788111-22cb-41df-8384-4c38e1ae5d2e/30421ff3-22c0-4b8f-95f7-c030e842df53/Jamf-color.png Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aeed6ee102307e4a3fe882c0839daba0a18abf1c0358defcdd99b4c739349375 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 HrdFQcjx2FrQMbBzSpWAIQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8D9BB02C164D434 age 55067 cf-cache-status HIT x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:00 GMT content-type image/png last-modified Thu, 09 Dec 2021 10:57:55 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 0d2f0dfd-701e-00c4-5efc-d1ec4c000000 cf-ray 8f126a531f07c222-TLV accept-ranges bytes access-control-allow-origin * content-length 7576 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	90ms 90ms	Image image/svg+xml	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-md5 Y+c301RBZNK39PvKQWrIBw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 54715 content-encoding gzip x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:00 GMT content-type image/svg+xml last-modified Wed, 11 Dec 2024 04:55:23 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 7aa1e03c-a01e-00ef-57c9-4b98f4000000 cf-ray 8f126a531f08c222-TLV access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	marketo.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/marketo/2.0.2/	3 KB 2 KB	134ms 133ms	Script application/javascript	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/marketo/2.0.2/marketo.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash cd186342f0ecf69108ae46236a02d305cef4a6b7d147de78a3c7d3e3ccc9036f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding gzip etag "544e6637e4681160b0599d78d90f9473" x-amz-version-id 4SWgn5_KFnSVjxrzbFhpOAT0.pIaqy85 age 1313370 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id y4fSES_cBvz31kviIAq9QlF8Oz4fr0jf1yKGVkzBnQjDclUrVW4l4Q== date Wed, 27 Nov 2024 21:20:31 GMT content-type application/javascript last-modified Tue, 01 Oct 2024 11:20:17 GMT cache-control public,max-age=31536000,immutable via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 1600 x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	google-tag-manager.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/	3 KB 2 KB	131ms 131ms	Script application/javascript	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding gzip etag "a2b1aa1a0e402b1f891c929f94449d47" x-amz-version-id _Aep7zFPD.gvTJG_YlZ3OByAwEPpZuwB age 1346442 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id -NgxaEkmwfTmwdGk7Uf1QxJkqU9-qJdyYH00vU5OPNdxuFJ-SxjMCA== date Wed, 27 Nov 2024 12:09:19 GMT content-type application/javascript last-modified Tue, 01 Oct 2024 11:20:16 GMT cache-control public,max-age=31536000,immutable via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 1343 x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	jamf-tracking-functional.min.js Show response www.jamf.com/js/	9 KB 4 KB	146ms 145ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/jamf-tracking-functional.min.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash e4b0b8a6b8af1f68c1725fbe76b03bb50e0c84d2ed4be2169ed3e8d288f882bc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "250f-6290516d691c0-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id EuZivmLj1St0_O_l0pZQ5lSUg3NhGyKGoV-Cu6tleLz7bZKrYgd2Vg== date Thu, 12 Dec 2024 10:44:56 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:55 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 3037 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-tracking-performance.min.js Show response www.jamf.com/js/	378 B 1 KB	136ms 136ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/jamf-tracking-performance.min.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash fed14b8c52dd5b2e7c4e6984f561cc8aab0051e3ada4c49e972ccfc339f25805 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "17a-6290516d691c0-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 93kNzRBRG6HHfbYxQ4MkhHKzpO0iq85mxfvGiw1b0L4c7dtknBQIAQ== date Thu, 12 Dec 2024 10:44:56 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:55 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 265 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	jamf-tracking-targeting.min.js Show response www.jamf.com/js/	5 KB 3 KB	137ms 137ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/jamf-tracking-targeting.min.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash c46aac89efd88e727716d35fb3df79ab9ec80b1e733147a1927384d4c7fca880 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "14b6-6290516d691c0-gzip" age 55504 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 277fPE9WOLVlZaK23H-RqPtJ2nBHTQnP4U5MpS7JwgDDEOH8H4umFg== date Thu, 12 Dec 2024 10:44:56 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:55 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 2242 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	/ Show response www.jamf.com/	29 B 1 KB	643ms 643ms	Fetch application/json	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/?ACT=106 Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 57f4e305568f80bb5e3c577c0f95706bb561f4e45bb01449a5b262833c78cc16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=0, no-cache report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint x-cache Miss from cloudfront content-length 29 x-amz-cf-id mgW5tqBFIzWgY_I0QvoxVxUiGxmDXj8wS3zqPbyB45Ihmb-0xyGICg== date Fri, 13 Dec 2024 02:10:01 GMT content-type application/json; charset=UTF-8 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu) x-frame-options SAMEORIGIN
POST H2	200	p Show response api.segment.io/v1/	21 B 172 B	862ms 287ms	Fetch application/json	34.223.74.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-223-74-168.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000 access-control-allow-origin https://www.jamf.com content-length 21 date Fri, 13 Dec 2024 02:10:01 GMT content-type application/json vary Origin
GET H2	200	commons.a61d7bea37d2de5d4b69.js.gz Show response cdn.segment.com/next-integrations/integrations/vendor/	70 KB 22 KB	147ms 147ms	Script application/javascript	13.35.58.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.148 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-148.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-max-age 3000 content-encoding gzip etag "c467a63b2e7c3a99be423ace649014d8" x-amz-version-id JPDEPREw8gYM0wgzX9n.pVdsRblNlmAD age 2342295 access-control-allow-methods GET, HEAD x-cache Hit from cloudfront x-amz-cf-id QKD4C7nfcYSRN_jdOh9BopqwZfIcgivSde4HTBDfdYkcQXx_up7Ccg== date Fri, 15 Nov 2024 23:31:47 GMT content-type application/javascript last-modified Tue, 01 Oct 2024 11:20:15 GMT cache-control public,max-age=31536000,immutable via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 21911 x-amz-cf-pop FRA60-P10 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	6si.min.js Show response j.6sc.co/	68 KB 19 KB	405ms 125ms	Script application/javascript	95.101.111.184 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-tracking-targeting.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a95-101-111-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 3eec0160bf87fbcfaf3eae81638238969157b098a26a9c47e9e77c473ec9adcf Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control private, proxy-revalidate, max-age=10800 content-encoding gzip etag "675a890d-1110f" x-content-type-options nosniff expires Fri, 13 Dec 2024 05:10:01 GMT accept-ranges bytes content-length 18919 date Fri, 13 Dec 2024 02:10:01 GMT content-type application/javascript vary Accept-Encoding server nginx/1.14.0 (Ubuntu) last-modified Thu, 12 Dec 2024 06:56:13 GMT
GET H2	200	loader.js Show response www.gstatic.com/wcm/	6 KB 3 KB	405ms 133ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/wcm/loader.js Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-tracking-targeting.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software sffe / Resource Hash 670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br age 195 report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} x-content-type-options nosniff expires Fri, 13 Dec 2024 03:06:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:06:46 GMT last-modified Wed, 20 Mar 2024 23:18:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" content-length 2133 x-xss-protection 0 server sffe
GET H2	200	esw.min.js Show response service.force.com/embeddedservice/5.0/	30 KB 9 KB	501ms 163ms	Script application/x-javascript	160.8.238.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/esw.min.js Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-tracking-functional.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.238.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl7-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash c3509aae0e00c4e8cafda8a5e80ae3db94ea5a55bff7198c1e9e1f1b0e26f1d8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag none cache-control public,max-age=86400 content-encoding gzip origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin x-content-type-options nosniff expires Sat, 14 Dec 2024 02:10:01 GMT accept-ranges bytes date Fri, 13 Dec 2024 02:10:01 GMT last-modified Fri, 28 Jun 2024 13:30:12 GMT content-type application/x-javascript vary Accept-Encoding
GET H2	200	gtm.js Show response www.googletagmanager.com/	447 KB 127 KB	426ms 159ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 5a4b265d345a79841c49d997c50e148ca0b318e9526f054e032d5aab098b72b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Fri, 13 Dec 2024 02:10:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:01 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 13 Dec 2024 00:21:08 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 128953 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	422ms 123ms	Script application/x-javascript	184.31.85.59 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-85-59.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Content-Encoding gzip ETag "e75e5ba140b1c7e6ea79786633c1ba0d:1731465879.778595" Connection keep-alive Accept-Ranges bytes P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Length 741 Date Fri, 13 Dec 2024 02:10:01 GMT Content-Type application/x-javascript Last-Modified Wed, 13 Nov 2024 02:44:39 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H2	200	call-tracking_9.js Show response www.gstatic.com/call-tracking/	62 KB 21 KB	130ms 129ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/call-tracking/call-tracking_9.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/wcm/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software sffe / Resource Hash 6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br age 280394 report-to {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]} x-content-type-options nosniff expires Tue, 09 Dec 2025 20:16:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 20:16:47 GMT last-modified Mon, 22 Jan 2024 22:18:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="ads-telephony" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony accept-ranges bytes content-length 20777 x-xss-protection 0 server sffe
GET H/1.1	200 OK	/ Show response c.6sc.co/	7 B 326 B	409ms 129ms	XHR text/html	2.17.100.184 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Access-Control-Max-Age 86400 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET,POST Access-Control-Allow-Origin https://www.jamf.com Content-Length 7 Date Fri, 13 Dec 2024 02:10:01 GMT Content-Type text/html Access-Control-Allow-Headers *
GET H2	200	/ Show response ipv6.6sc.co/	4 B 280 B	468ms 145ms	XHR text/html	2.17.100.184 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software / Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store pragma no-cache 6si-ipv6 null expires Fri, 13 Dec 2024 02:10:01 GMT server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1734055801788_34694342_320135775_39_1452_55_154_219";dur=1 access-control-allow-origin https://www.jamf.com content-length 4 date Fri, 13 Dec 2024 02:10:01 GMT content-type text/html vary Origin
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	543ms 223ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "615ccf10-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:02 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:02 GMT content-type image/gif last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	541ms 221ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22df43c14ec27d808caca15ca91f6f3fe1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221f92c41003508b12cbda34069bdda2a24dd3b63c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f02dad-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:02 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:02 GMT content-type image/gif last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	common.min.js Show response service.force.com/embeddedservice/5.0/utils/	5 KB 2 KB	163ms 163ms	Script application/x-javascript	160.8.238.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/utils/common.min.js Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/esw.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.238.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl7-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash 7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag none cache-control public,max-age=86400 content-encoding gzip origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin x-content-type-options nosniff expires Sat, 14 Dec 2024 02:10:01 GMT accept-ranges bytes date Fri, 13 Dec 2024 02:10:01 GMT last-modified Thu, 17 Feb 2022 23:57:30 GMT content-type application/x-javascript vary Accept-Encoding
POST H2	200	i Show response api.segment.io/v1/	21 B 171 B	285ms 284ms	Fetch application/json	34.223.74.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/i Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-223-74-168.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000 access-control-allow-origin https://www.jamf.com content-length 21 date Fri, 13 Dec 2024 02:10:01 GMT content-type application/json vary Origin
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/164/	11 KB 6 KB	131ms 131ms	Script application/x-javascript	184.31.85.59 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/164/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-85-59.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash dea9df0145848ffeb3c6931228d41e833341b4837c0e713d321c5bfcf6dcd4e6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Cache-Control max-age=8640000 Content-Encoding gzip ETag "756f9116836f579d12be8fe786b69d98:1726632111.60799" Connection keep-alive Expires Sun, 23 Mar 2025 02:10:01 GMT Accept-Ranges bytes P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Length 4843 Date Fri, 13 Dec 2024 02:10:01 GMT Content-Type application/x-javascript Last-Modified Wed, 18 Sep 2024 04:01:51 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H3	200	wcm Show response www.googleadservices.com/pagead/conversion/1056637689/	81 B 95 B	297ms 133ms	XHR application/json	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/1056637689/wcm?cc=ZZ&dn=16126777075&cl=R0X6COSW9WwQ-YXs9wM&ct_eid=2 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/call-tracking/call-tracking_9.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff access-control-allow-origin https://www.jamf.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 72 date Fri, 13 Dec 2024 02:10:01 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	details Show response epsilon.6sense.com/v3/company/	766 B 662 B	439ms 183ms	XHR application/json	75.2.108.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.108.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afe865822f884bb48.awsglobalaccelerator.com Software / Resource Hash 5e7e64255f111aab0ab83b204eebaf1b8af29468611c425bb0b1f45d586761ad Request headers Authorization Token 1f92c41003508b12cbda34069bdda2a24dd3b63c X-6s-CustomID WebTag1.0 df43c14ec27d808caca15ca91f6f3fe1 Referer https://www.jamf.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-expose-headers X-6si-Region timing-allow-origin https://6sense.com content-encoding gzip x-6si-region access-control-allow-credentials true access-control-allow-origin https://www.jamf.com content-length 405 date Fri, 13 Dec 2024 02:10:02 GMT content-type application/json vary Origin, Accept-Encoding
OPTIONS H2	200	details epsilon.6sense.com/v3/company/ Frame	0 0	409ms 132ms	Preflight	75.2.108.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.108.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afe865822f884bb48.awsglobalaccelerator.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-6s-customid Access-Control-Request-Method GET Origin https://www.jamf.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,x-6s-customid access-control-allow-methods OPTIONS,GET access-control-allow-origin https://www.jamf.com access-control-expose-headers X-6si-Region access-control-max-age 1800 content-length 0 date Fri, 13 Dec 2024 02:10:02 GMT timing-allow-origin https://6sense.com x-6si-region
POST H/1.1	200 OK	visitWebPage 532-tcs-411.mktoresp.com/webevents/	2 B 318 B	964ms 207ms	Ping text/plain	192.28.144.124 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://532-tcs-411.mktoresp.com/webevents/visitWebPage?_mchNc=1734055801733&_mchCn=&_mchId=532-TCS-411&_mchTk=_mch-jamf.com-1ddfeef67bd075a1255104469302f07d&_mchHo=www.jamf.com&_mchPo=&_mchRu=%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&_mchPc=https%3A&_mchVr=164&_mchEcid=&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/164/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.144.124 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Transfer-Encoding chunked X-Request-Id a4ebe3d9-8b5f-402c-83ea-1cbe192c0dca Content-Encoding gzip Connection keep-alive Access-Control-Allow-Origin * Date Fri, 13 Dec 2024 02:10:02 GMT Content-Type text/plain; charset=UTF-8 Server nginx/1.20.1
GET H2	200	esw.min.css service.force.com/embeddedservice/5.0/	9 KB 4 KB	163ms 161ms	Stylesheet text/css	160.8.238.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/esw.min.css Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/esw.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.238.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl7-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash 721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag none cache-control public,max-age=86400 content-encoding gzip origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin x-content-type-options nosniff expires Sat, 14 Dec 2024 02:10:01 GMT accept-ranges bytes date Fri, 13 Dec 2024 02:10:01 GMT last-modified Fri, 27 Aug 2021 14:11:56 GMT content-type text/css vary Accept-Encoding
GET H2	200	liveagent.esw.min.js Show response service.force.com/embeddedservice/5.0/client/	20 KB 6 KB	171ms 170ms	Script application/x-javascript	160.8.238.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/esw.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.238.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl7-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash 1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag none cache-control public,max-age=86400 content-encoding gzip origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin x-content-type-options nosniff expires Sat, 14 Dec 2024 02:10:01 GMT accept-ranges bytes date Fri, 13 Dec 2024 02:10:01 GMT last-modified Wed, 17 Aug 2022 20:11:18 GMT content-type application/x-javascript vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	399 KB 129 KB	151ms 150ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-X3RD84REYK&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 75559870339e1b02fc9edd8f2a69a0777dc7e67df12a4e66645dfd23af36a266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Fri, 13 Dec 2024 02:10:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:02 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 132160 x-xss-protection 0 server Google Tag Manager
GET H2	200	web-vitals.iife.js Show response unpkg.com/web-vitals@4.2.4/dist/ Redirect Chain https://unpkg.com/web-vitals/dist/web-vitals.iife.js https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js	7 KB 3 KB	85ms 85ms	Script application/javascript	104.17.249.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Server 104.17.249.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br cf-cache-status HIT etag "1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg" age 2160116 x-content-type-options nosniff date Fri, 13 Dec 2024 02:10:02 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JCYGDX04ZSN7EKP21K6E19VK-cdg vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8f126a5c4d997d9b-TLV access-control-allow-origin * server cloudflare Redirect headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, s-maxage=600, max-age=60 location /web-vitals@4.2.4/dist/web-vitals.iife.js content-encoding br cf-cache-status HIT age 91 x-content-type-options nosniff via 1.1 fly.io cf-ray 8f126a5b8cf67d9b-TLV access-control-allow-origin * date Fri, 13 Dec 2024 02:10:02 GMT content-type text/plain; charset=utf-8 vary Accept, Accept-Encoding fly-request-id 01JEYWCMBQFD9002DV9RYGT65P-cdg server cloudflare
GET H2	200	ytag.js Show response s.yimg.jp/images/listing/tool/cv/	32 KB 11 KB	1453ms 369ms	Script application/javascript	124.83.185.252 YAHOO-JP-AS-AP Ya...
General Check archive.org Show headers Download Go to Full URL https://s.yimg.jp/images/listing/tool/cv/ytag.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 124.83.185.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP), Reverse DNS Software nghttpx / Resource Hash 9fac73795c105b173e30bcd29a477189d0664f29b7ea32814ea18f613eb05c3e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control public, max-age=600 content-encoding gzip accept-ch Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch age 102 ats-carp-promotion 1 permissions-policy ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=* content-length 10617 date Fri, 13 Dec 2024 02:08:21 GMT last-modified Tue, 05 Nov 2024 04:46:17 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding server nghttpx x-ntap-sg-trace-id db0f3c608d331261
POST H2	204	collect www.google-analytics.com/g/	0 0	403ms 128ms	Fetch text/plain	216.239.34.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-X3RD84REYK&gtm=45je4cc0v9102491963z872544203za200zb72544203&_p=1734055801161&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=367586833.1734055802&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734055802&sct=1&seg=0&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&dt=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3825 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X3RD84REYK&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.jamf.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:02 GMT content-type text/plain server Golfe2
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	231ms 230ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A02%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A01%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f02dad-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:02 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:02 GMT content-type image/gif last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	jamf-non-critical.min.js Show response www.jamf.com/js/	175 KB 55 KB	138ms 138ms	Script application/javascript	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/js/jamf-non-critical.min.js?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 486db33a8f1b1c36a3145d14f836ed539bfdb22e7b198888655958696c864d43 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "2bd59-6290516c74f80-gzip" age 55524 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 06KiA90PKR7tvu4uNz1MhKiB39TyhrWcR6daN3mWyteF7_SDmXH5qw== date Thu, 12 Dec 2024 10:44:39 GMT content-type application/javascript vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:54 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 55031 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	esw.html service.force.com/embeddedservice/5.0/ Frame A74B	0 0	483ms 161ms	Document text/html	160.8.239.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/esw.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.239.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl8-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.jamf.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control public,max-age=86400 content-encoding gzip content-security-policy upgrade-insecure-requests content-type text/html;charset=UTF-8 date Fri, 13 Dec 2024 02:10:03 GMT expires Sat, 14 Dec 2024 02:10:03 GMT last-modified Thu, 14 Sep 2023 00:07:46 GMT origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin strict-transport-security max-age=63072000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-robots-tag none
POST H3	200	collect www.google.com/ccm/	0 0	398ms 138ms	Ping text/plain	142.250.185.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=175242136.1734055804&auid=1439430186.1734055804&navt=n&npa=0&gtm=45He4cc0v72544203za200&gcs=G1--&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734055803574&tfd=5157&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers
GET H/1.1	200 OK	/ Show response c.6sc.co/	7 B 326 B	127ms 126ms	XHR text/html	2.17.100.184 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Access-Control-Max-Age 86400 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET,POST Access-Control-Allow-Origin https://www.jamf.com Content-Length 7 Date Fri, 13 Dec 2024 02:10:03 GMT Content-Type text/html Access-Control-Allow-Headers *
GET H3	200	destination Show response www.googletagmanager.com/gtag/	262 KB 93 KB	152ms 151ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-1056637689&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 02eedeb254bbef2ca90b70efdecd2004e49db1a4a698de43e1013d3d47985382 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Fri, 13 Dec 2024 02:10:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:03 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 13 Dec 2024 00:21:08 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 94729 x-xss-protection 0 server Google Tag Manager
GET H2	200	bat.js Show response bat.bing.com/	50 KB 15 KB	437ms 169ms	Script application/javascript	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "028e0691d20db1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 72FF8A174C004819BF48FD84A632FAF1 Ref B: TLV30EDGE0106 Ref C: 2024-12-13T02:10:03Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 14570 date Fri, 13 Dec 2024 02:10:03 GMT content-type application/javascript last-modified Wed, 16 Oct 2024 22:47:44 GMT vary Accept-Encoding
GET H3	200	destination Show response www.googletagmanager.com/gtag/	262 KB 93 KB	152ms 151ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-842533086&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 7d8c0ae46994cfe2d4d75f94c5e9ba91049f7bbda9d5df3f587f4627b648da09 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Fri, 13 Dec 2024 02:10:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:03 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 13 Dec 2024 00:21:08 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 94881 x-xss-protection 0 server Google Tag Manager
GET H3	200	destination Show response www.googletagmanager.com/gtag/	261 KB 92 KB	240ms 239ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-660916633&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 3cc6ee101e4ac62161d91c0df627bc6900c4f93f0bf70e89b9281dab4db6ce26 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Fri, 13 Dec 2024 02:10:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:03 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 13 Dec 2024 00:21:08 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 94536 x-xss-protection 0 server Google Tag Manager
GET H2	200	oct.js Show response static.ads-twitter.com/ Redirect Chain https://platform.twitter.com/oct.js https://static.ads-twitter.com/oct.js	57 KB 16 KB	389ms 121ms	Script application/javascript	146.75.116.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/oct.js Protocol H2 Server 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers vary Accept-Encoding,Host cache-control no-cache content-encoding gzip etag "4328e910de583ad53b3a7a76455af005+gzip+gzip" accept-ranges bytes x-cache HIT, HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-length 15926 date Fri, 13 Dec 2024 02:10:04 GMT x-tw-cdn FT last-modified Tue, 29 Oct 2024 20:04:45 GMT content-type application/javascript; charset=utf-8 x-served-by cache-iad-kiad7000059-IAD, cache-fra-eddf8230031-FRA x-amz-server-side-encryption AES256 Redirect headers retry-after 0 location https://static.ads-twitter.com/oct.js tw-cdn FT accept-ranges bytes x-cache HIT content-length 0 date Fri, 13 Dec 2024 02:10:03 GMT x-served-by cache-fra-etou8220026-FRA vary
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	404ms 127ms	Script application/javascript	2.16.164.35 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.164.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-16-164-35.deploy.static.akamaitechnologies.com Software / Resource Hash 5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=14301 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 5114 date Fri, 13 Dec 2024 02:10:03 GMT last-modified Wed, 11 Dec 2024 08:31:33 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	282ms 141ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-22feH3hL' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 13 Dec 2024 02:10:03 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-22feH3hL' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=141, rtx=0, c=24, mss=1232, tbw=8230, tp=13, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug mDrsSdW0m/8mGHESp5u/vsJL9XA9do7K71E6fJ9t93S1qSa0U9Dtv+EySNzyDiIjphR8DRgqZekvh4QoJREjTQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" content-length 62212 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	events.js Show response tags.srv.stackadapt.com/	22 KB 7 KB	499ms 222ms	Script text/javascript	18.184.85.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.184.85.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-85-154.eu-central-1.compute.amazonaws.com Software / Resource Hash 55ac666ef9e17a4ad3dc611b299bdfdc691cbf20ef779400293c1f05a196562c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-allow-origin * cache-control max-age=5 content-encoding gzip date Fri, 13 Dec 2024 02:10:04 GMT content-type text/javascript
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	43 KB 13 KB	416ms 136ms	Script application/javascript	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.jamf.com URL: https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control public, max-age=60 nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-encoding gzip etag "1a001f3a066bff47a766099b87253911" report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 12220 date Fri, 13 Dec 2024 02:10:03 GMT last-modified Mon, 18 Nov 2024 21:16:35 GMT content-type application/javascript vary Accept-Encoding,Origin server snooserv x-amz-server-side-encryption AES256
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	224ms 224ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2013%20Dec%202024%2002%3A10%3A03%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%222038%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f020a0-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:03 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:03 GMT content-type image/gif last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	/ attr.ml-api.io/ Redirect Chain https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3djamf.com%26pId%3d%24UID https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3djamf.com%26pId%3d%24UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253djamf.com%2526pId%253d%2524UID https://attr.ml-api.io/?domain=jamf.com&pId=820033417449681947	4 B 280 B	821ms 485ms	Image application/json	65.9.66.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://attr.ml-api.io/?domain=jamf.com&pId=820033417449681947 Protocol H2 Server 65.9.66.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-54.fra56.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers via 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront) apigw-requestid CtSbqhJyIAMEbHg= alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront content-length 4 x-amz-cf-id pIddpAbeB1DOwJfH0aLbUlJli2N_3wXWaZiM-nuSfRwSDYHoKC_lCQ== date Fri, 13 Dec 2024 02:10:05 GMT content-type application/json x-amz-cf-pop FRA56-C1 Redirect headers cache-control no-store, no-cache, private location https://attr.ml-api.io/?domain=jamf.com&pId=820033417449681947 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 31.187.78.194; 31.187.78.194; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 33179b7f-8f96-4272-b9e1-ed814a71e469 content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET		rum dsum-sec.casalemedia.com/ Redirect Chain https://insight.adsrvr.org/track/pxl/?adv=h4n1p31&ct=0:2biwice&fmt=3 https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=N2NmMzYyMjQtYTEzYy00NTEwLThhZTYtNzkzODQzNGFjZGU1&gdpr=0&gdpr_consent=&ttd_tdid=7cf36224-a13c-4510-8ae6-79384... https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=N2NmMzYyMjQtYTEzYy00NTEwLThhZTYtNzkzODQzNGFjZGU1&gdpr=0&gdpr_consent=&ttd_tdid=7cf36224-a13c-4510-8ae6-793... https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5&google_gid=CAESEExpOXJHc2324ylEaoho_b0&google_cver=1 https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7cf36224-a13c-4510-8ae6-7938434acde5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5 https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=820033417449681947&ttd_tdid=7cf36224-a13c-4510-8ae6-7938434acde5 https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expiration=1736647806&gdpr=0&gdpr_consent=	0 0
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4cc0/ Frame F672	0 0	388ms 128ms	Document text/html	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.jamf.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS7Q67&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 29262 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 18:02:22 GMT expires Fri, 12 Dec 2025 18:02:22 GMT last-modified Thu, 12 Dec 2024 10:18:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	219ms 219ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A02%20GMT%22%2C%22timeSpent%22%3A%221146%22%2C%22totalTimeSpent%22%3A%222149%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f020a0-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:03 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:03 GMT content-type image/gif last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	geofeed Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/location/	78 B 247 B	241ms 90ms	Script text/javascript	172.64.155.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jamf-non-critical.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77067a5ee8f00836f9bbe331744747887eea59f1c30b3d8314d95bb96496c370 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 8f126a664dbcc233-TLV content-encoding gzip date Fri, 13 Dec 2024 02:10:03 GMT content-type text/javascript vary Accept-Encoding server cloudflare
GET H2	200	print.css www.jamf.com/css/	19 KB 6 KB	138ms 137ms	Stylesheet text/css	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/css/print.css?v=20241211144436 Requested by Host: www.jamf.com URL: https://www.jamf.com/js/jquery.min.js?v=20241211144436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash 8fc754e0e3bd090905ae6446f00dbaa00f1cd1b76211f2a06e261445ab07c79d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers content-encoding gzip etag "4d07-62905162eb900-gzip" age 55524 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id Z4dfFPkXqcJqBB9XoQc8a4AbsrXbK5E9h1kAX5R7cfujsxJHc3lFuA== date Thu, 12 Dec 2024 10:44:39 GMT content-type text/css vary Accept-Encoding last-modified Wed, 11 Dec 2024 21:14:44 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=2592000, s-maxage=2592000, immutable content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint referrer-policy strict-origin-when-cross-origin via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) accept-ranges bytes content-length 4966 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	details Show response epsilon.6sense.com/v3/company/	766 B 661 B	155ms 154ms	XHR application/json	75.2.108.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.108.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afe865822f884bb48.awsglobalaccelerator.com Software / Resource Hash 5e7e64255f111aab0ab83b204eebaf1b8af29468611c425bb0b1f45d586761ad Request headers Authorization Token 1f92c41003508b12cbda34069bdda2a24dd3b63c X-6s-CustomID WebTag1.0 df43c14ec27d808caca15ca91f6f3fe1 Referer https://www.jamf.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-expose-headers X-6si-Region timing-allow-origin https://6sense.com content-encoding gzip x-6si-region access-control-allow-credentials true access-control-allow-origin https://www.jamf.com content-length 405 date Fri, 13 Dec 2024 02:10:03 GMT content-type application/json vary Origin, Accept-Encoding
POST H2	200	i Show response api.segment.io/v1/	21 B 171 B	282ms 281ms	Fetch application/json	34.223.74.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/i Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/t5I7xjAjlbs6x0yXQAOc7p1XbGBC00E5/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-223-74-168.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000 access-control-allow-origin https://www.jamf.com content-length 21 date Fri, 13 Dec 2024 02:10:04 GMT content-type application/json vary Origin
GET H2	200	5189232.js Show response bat.bing.com/p/action/	2 KB 983 B	181ms 179ms	Script application/javascript	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5189232.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a35ba4a77065ef50d4e814cc7fed72bd8e036b44f5e956b827061c2991382531 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=60 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9DC7A80C96D343EF83600181517C8003 Ref B: TLV30EDGE0106 Ref C: 2024-12-13T02:10:04Z x-cache CONFIG_NOCACHE date Fri, 13 Dec 2024 02:10:03 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	126ms 124ms	Script application/javascript	2.16.164.35 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.164.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-16-164-35.deploy.static.akamaitechnologies.com Software / Resource Hash e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=65690 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 14634 date Fri, 13 Dec 2024 02:10:04 GMT last-modified Mon, 02 Dec 2024 19:22:52 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_x7dqc/	3 B 124 B	380ms 122ms	XHR application/json	151.101.193.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_x7dqc/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=14400 content-encoding gzip via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 27 date Fri, 13 Dec 2024 02:10:04 GMT content-type application/json
GET H2	200	t2_x7dqc_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 700 B	393ms 134ms	XHR application/json	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_x7dqc_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=300 nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-encoding gzip report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 98 date Fri, 13 Dec 2024 02:10:04 GMT content-type application/json vary Accept-Encoding,Origin server snooserv
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	491ms 212ms	Image image/gif	151.101.1.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1734055804083&id=t2_x7dqc&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=4076fb65-7b81-41b4-b768-c3c3283b8f91&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} retry-after 0 cross-origin-resource-policy cross-origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish accept-ranges bytes content-length 42 date Fri, 13 Dec 2024 02:10:04 GMT content-type image/gif server Varnish
GET H3	200	2868666566589911 Show response connect.facebook.net/signals/config/	69 KB 14 KB	248ms 247ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2868666566589911?v=2.9.178&r=stable&domain=www.jamf.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 1e9cd64616644dfee060cb7fb3fce5f631b9f1ce02861de7458a618ef8659254 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-6BqKsLjJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 13 Dec 2024 02:10:04 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-6BqKsLjJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=138, rtx=0, c=80, mss=1232, tbw=74330, tp=71, tpl=0, uplat=113, ullat=0 pragma public x-fb-debug XOOqJhdWrQ3/B1SB85KDslvUH6Y041IE3zTta2hHPQdCvnvNeEJkCnOPahczEJZWt590p/8GyQm9FAVuP193gg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1056637689/	5 KB 2 KB	401ms 145ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1056637689/?random=1734055804167&cv=11&fst=1734055804167&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-1056637689&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 649c4142bf389e31877a0257bc85acd3884ddb28d78c04102f1590f638eb5af6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2298 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	1056637689 td.doubleclick.net/td/rul/ Frame 3393	0 0	404ms 142ms	Document text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/1056637689?random=1734055804167&cv=11&fst=1734055804167&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-1056637689&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.jamf.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Dec 2024 02:10:04 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	td www.googletagmanager.com/	0 18 B	134ms 134ms	Image text/plain	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/td?id=AW-1056637689&v=3&t=t&pid=834074467&dl=www.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&tdp=AW-1056637689;;1;7;1&frm=0&rtg=2544203&slo=24&hlo=3&lst=2&pcid=2544203&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Fri, 13 Dec 2024 02:10:04 GMT content-type text/plain server Golfe2
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 203 B	214ms 214ms	Stylesheet text/css	18.184.85.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.184.85.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-85-154.eu-central-1.compute.amazonaws.com Software / Resource Hash c538c77bed3f827d27f063946bef7de87ec446e9731a654687cb553d7b954cb7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-allow-origin * cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 date Fri, 13 Dec 2024 02:10:04 GMT content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	0 2 KB	479ms 224ms	Fetch image/jpeg	18.184.85.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.184.85.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-85-154.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-allow-origin * cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 date Fri, 13 Dec 2024 02:10:04 GMT content-type image/jpeg
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/842533086/	5 KB 2 KB	298ms 140ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842533086/?random=1734055804266&cv=11&fst=1734055804266&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-842533086&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 4e8cf7bf27735593b91f00c9205231ce2cae6e3b8840ac6a7e68b96d8f3ba957 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2303 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	842533086 td.doubleclick.net/td/rul/ Frame 0230	0 0	327ms 184ms	Document text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/842533086?random=1734055804266&cv=11&fst=1734055804266&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-842533086&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.jamf.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Dec 2024 02:10:04 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/660916633/	43 B 61 B	214ms 139ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/660916633/?random=1734055804348&cv=11&fst=1734055804348&bg=ffffff&guid=ON&async=1&gtm=45be4cc0v9100523464z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&rdp=1&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-660916633&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 37 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	660916633 td.doubleclick.net/td/rul/ Frame 5BE4	0 0	254ms 175ms	Document text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/660916633?random=1734055804348&cv=11&fst=1734055804348&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc0v9100523464z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&rdp=1&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-660916633&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.jamf.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Dec 2024 02:10:04 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 763 B	396ms 210ms	XHR application/json	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=37100%2C360601&time=1734055804398&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept * Referer https://www.jamf.com/ Response headers x-li-pop afd-prod-lva1-x content-encoding gzip x-fs-uuid 0006291d54422f2b05e4fd8b6bcd8753 x-msedge-ref Ref A: FAA3C36EAA714B2297C177EBCB427AF7 Ref B: TLV30EDGE0308 Ref C: 2024-12-13T02:10:04Z x-li-fabric prod-lva1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYpHVRCLysF5P2La82HUw== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Fri, 13 Dec 2024 02:10:04 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-fro... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-fro... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37100%252C360601%26time%3D1734055804398%26li_adsId%3D4d7d5bae-9bf9-4c0f-8be1-4373... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-fro...	0 382 B	275ms 269ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&cookiesTest=true&liSync=true Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 40FD235D148F476F9266B0C0287B3FC0 Ref B: TLV30EDGE0410 Ref C: 2024-12-13T02:10:05Z x-li-fabric prod-lor1 x-li-uuid AAYpHVRU8lhR0BOoeNYR5g== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Fri, 13 Dec 2024 02:10:05 GMT content-type application/javascript Redirect headers linkedin-action 1 cf-cache-status DYNAMIC x-li-fabric prod-lor1 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT x-li-proto http/2 alt-svc h3=":443"; ma=86400 date Fri, 13 Dec 2024 02:10:05 GMT x-frame-options sameorigin strict-transport-security max-age=31536000 x-li-pop cf-prod-lor1-x content-security-policy frame-ancestors 'self' cache-control no-cache, no-store location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37100%2C360601&time=1734055804398&li_adsId=4d7d5bae-9bf9-4c0f-8be1-4373268a3db4&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&cookiesTest=true&liSync=true pragma no-cache cf-ray 8f126a704a417d98-TLV x-li-uuid AAYpHVRQGOEGDRG/fnYivg== content-length 0 server cloudflare
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 563 B	396ms 221ms	XHR text/plain	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.jamf.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 1D0967D77A2849A68425B841EA07ADFE Ref B: TLV30EDGE0410 Ref C: 2024-12-13T02:10:04Z x-li-fabric prod-lva1 access-control-allow-credentials true x-li-uuid AAYpHVRCKPaHUc1aKCTFHQ== x-li-proto http/2 access-control-allow-origin https://www.jamf.com x-cache CONFIG_NOCACHE date Fri, 13 Dec 2024 02:10:03 GMT vary Origin
GET H2	200	5189232 Show response bat.bing.com/p/insights/t/	762 B 911 B	250ms 250ms	Script application/x-javascript	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/t/5189232 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/5189232.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d1eb8ef1a30302acb9a4c9ad17f8e680b639b97148aeed8139af5f94bd9321f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, no-store content-encoding gzip accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6E92CEBD1DEA4443ABA61CE7F9D5A300 Ref B: TLV30EDGE0106 Ref C: 2024-12-13T02:10:04Z request-context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78 expires -1 accept-ranges bytes x-cache CONFIG_NOCACHE content-length 630 date Fri, 13 Dec 2024 02:10:04 GMT content-type application/x-javascript vary Accept-Encoding x-azure-ref 20241213T021004Z-17f4cff967dl5bfkhC1DB19ae800000001qg0000000027uc
GET H2	204	0 bat.bing.com/action/	0 286 B	150ms 149ms	Image text/plain	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5189232&tm=gtm002&Ver=2&mid=6eb13d4c-b57d-48f9-90a1-6b343f77b1a9&bo=1&sid=5dee30c0b8f711efafff49e07116d654&vid=5dee69c0b8f711efab7933abbdef90dd&vids=1&msclkid=N&pi=918639831&lg=he-IL&sw=1600&sh=1200&sc=24&tl=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&p=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&r=&lt=5117&evt=pageLoad&sv=1&cdb=AQET&rn=109773 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: AF935C507EA242468E52189AF79DEBBF Ref B: TLV30EDGE0106 Ref C: 2024-12-13T02:10:04Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Fri, 13 Dec 2024 02:10:04 GMT
GET H3	200	1055208899231463 Show response connect.facebook.net/signals/config/	25 KB 3 KB	243ms 243ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1055208899231463?v=2.9.178&r=stable&domain=www.jamf.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 75f5d6051441802956fac6f9e23308cd85e7e57188c05a42b86830dadfacf3ed Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-vGs9PDPF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 13 Dec 2024 02:10:04 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-vGs9PDPF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=132, rtx=0, c=92, mss=1232, tbw=89626, tp=87, tpl=0, uplat=95, ullat=0 pragma public x-fb-debug rpAhez+xV6LiuiQHIJ9UdS6x/fdIP8A617cBwHaLo2oml+g2ORbX+s2BSgyjeuUdJVbiEbwSkOToKaGSksMeew== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H/1.1	200 OK	EmbeddedServiceConfig.jsonp Show response d.la1-c1-ia7.salesforceliveagent.com/chat/rest/EmbeddedService/	175 B 568 B	1355ms 212ms	Script text/javascript	136.146.43.66 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://d.la1-c1-ia7.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00DDn000006DSbz&EmbeddedServiceConfig.configName=Sales_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=en Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.146.43.66 , United States, ASN14340 (SALESFORCE, US), Reverse DNS dcl12-ncg1-c8-iad5.la1-c1-ia7.salesforceliveagent.com Software / Resource Hash cbfcc54534958a7d97b27006197eb077158fb067af87c488d45b0c67c3c7b22d Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Cache-Control no-cache Content-Encoding gzip Pragma no-cache Connection close Access-Control-Allow-Credentials true X-Content-Type-Options nosniff Expires -1 Access-Control-Allow-Origin * Content-Type text/javascript
GET H2	200	invite.esw.min.js Show response service.force.com/embeddedservice/5.0/client/	19 KB 5 KB	162ms 162ms	Script application/x-javascript	160.8.238.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/esw.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.238.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl7-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash 11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag none cache-control public,max-age=86400 content-encoding gzip origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin x-content-type-options nosniff expires Sat, 14 Dec 2024 02:10:04 GMT accept-ranges bytes date Fri, 13 Dec 2024 02:10:04 GMT last-modified Fri, 24 Sep 2021 16:25:36 GMT content-type application/x-javascript vary Accept-Encoding
GET H2	200	adsct t.co/i/	43 B 627 B	422ms 261ms	Image image/gif	162.159.140.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=1&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2610%2624%261600%261200%260%26na&eci=1&event_id=39e1900e-c403-4cd2-808c-a269e482fcfe&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=842d63af-587c-4dd2-a481-3c0e989b7234&tw_document_href=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l60ye&type=javascript&version=2.3.31 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=0 x-transaction-id 35ca7a560fcd4b5a cache-control no-cache, no-store, max-age=0 x-connection-hash 3a010fb302f2f6581b176facf0fa427990abcb3ddcf8c70fa7c58541596da20e cf-cache-status DYNAMIC cf-ray 8f126a6b3b337d9e-TLV x-response-time 102 content-length 43 date Fri, 13 Dec 2024 02:10:04 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare tsa_o
GET H2	200	adsct analytics.twitter.com/i/	43 B 395 B	620ms 317ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=1&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2610%2624%261600%261200%260%26na&eci=1&event_id=39e1900e-c403-4cd2-808c-a269e482fcfe&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=842d63af-587c-4dd2-a481-3c0e989b7234&tw_document_href=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l60ye&type=javascript&version=2.3.31 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_f / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=631138519 x-transaction-id 2801d15822854d35 cache-control no-cache, no-store, max-age=0 x-connection-hash 2e467d7ca71a8ac96ad279f23b814cddee7fb6983d9dce636ec9183cd10db95f x-response-time 188 content-length 43 date Fri, 13 Dec 2024 02:10:03 GMT perf 7402827104 content-type image/gif;charset=utf-8 server tsa_f
GET H3	200	/ www.google.com/pagead/1p-user-list/842533086/	42 B 64 B	160ms 159ms	Image image/gif	142.250.185.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/842533086/?random=1734055804266&cv=11&fst=1734055200000&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dIpjEcSFFssIMpLOg1zOSQ__MUw7GZw&random=2699597953&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	/ www.google.co.il/pagead/1p-user-list/842533086/	42 B 108 B	401ms 139ms	Image image/gif	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.il/pagead/1p-user-list/842533086/?random=1734055804266&cv=11&fst=1734055200000&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dIpjEcSFFssIMpLOg1zOSQ__MUw7GZw&random=2699597953&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.com/pagead/1p-user-list/1056637689/	42 B 64 B	140ms 138ms	Image image/gif	142.250.185.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1056637689/?random=1734055804167&cv=11&fst=1734055200000&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dI3uh-zlQ3j3LvmRrgTSeEqWTw0POnA&random=474044084&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	/ www.google.co.il/pagead/1p-user-list/1056637689/	42 B 455 B	394ms 137ms	Image image/gif	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.il/pagead/1p-user-list/1056637689/?random=1734055804167&cv=11&fst=1734055200000&bg=ffffff&guid=ON&async=1&gtm=45be4cc0z872544203za201zb72544203&gcd=13l3l3l3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&hn=www.googleadservices.com&frm=0&tiba=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&npa=0&pscdl=noapi&auid=1439430186.1734055804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dI3uh-zlQ3j3LvmRrgTSeEqWTw0POnA&random=474044084&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 13 Dec 2024 02:10:04 GMT x-xss-protection 0 content-type image/gif server cafe
GET H/1.1	200 OK	Settings.jsonp Show response d.la1-c1-ia7.salesforceliveagent.com/chat/rest/Visitor/	178 B 568 B	1178ms 209ms	Script text/javascript	136.146.43.66 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://d.la1-c1-ia7.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[573Dn0000005dTC]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=572Dn0000005dSz&org_id=00DDn000006DSbz&version=48 Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.146.43.66 , United States, ASN14340 (SALESFORCE, US), Reverse DNS dcl12-ncg1-c8-iad5.la1-c1-ia7.salesforceliveagent.com Software / Resource Hash 47dd3d27d84712b2a13e789a4d06bdd530ddfd504b0ce4fe2b7d83341171256e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers Cache-Control no-cache Content-Encoding gzip Pragma no-cache Connection close Access-Control-Allow-Credentials true X-Content-Type-Options nosniff Expires -1 Access-Control-Allow-Origin * Content-Type text/javascript
GET H2	200	inert.min.js Show response service.force.com/embeddedservice/5.0/utils/	8 KB 3 KB	177ms 177ms	Script application/x-javascript	160.8.238.22 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://service.force.com/embeddedservice/5.0/utils/inert.min.js Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/esw.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 160.8.238.22 London, United Kingdom, ASN14340 (SALESFORCE, US), Reverse DNS dcl7-ncg1-c3-arn3.eu53-ar3.force.com Software / Resource Hash 12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=63072000; includeSubDomains x-robots-tag none cache-control public,max-age=86400 content-encoding gzip origin-trial AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9 referrer-policy origin-when-cross-origin x-content-type-options nosniff expires Sat, 14 Dec 2024 02:10:04 GMT accept-ranges bytes date Fri, 13 Dec 2024 02:10:04 GMT last-modified Tue, 18 Aug 2020 17:12:46 GMT content-type application/x-javascript vary Accept-Encoding
GET H2	200	0.7.58 Show response bat.bing.com/p/insights/s/	36 KB 16 KB	178ms 176ms	Script application/javascript	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/s/0.7.58 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/insights/t/5189232 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8cde5ab0584cefb627a53f472b8644d67faa97c7be370e9cf9a1298e66e9c291 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding br x-ms-version 2018-03-28 etag W/"0x8DD19E027E64596" x-fd-int-roxy-purgeid 79034942 x-cache CONFIG_NOCACHE date Fri, 13 Dec 2024 02:10:04 GMT content-type application/javascript;charset=utf-8 last-modified Wed, 11 Dec 2024 12:34:28 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E915B743A0BB44B495A26B939502812D Ref B: TLV30EDGE0106 Ref C: 2024-12-13T02:10:04Z x-ms-request-id ecf0493c-701e-003e-2fad-4cb9a4000000 access-control-allow-origin * content-length 15808 x-azure-ref 20241213T021004Z-17f4cff967djk6z7hC1DB10u6800000001a0000000000vqy
GET H3	200	/ www.facebook.com/tr/	0 19 B	285ms 139ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2868666566589911&ev=PageView&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&rl=&if=false&ts=1734055804687&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734055804675.426991870100823331&ler=empty&cdl=API_unavailable&it=1734055804110&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8228, tp=13, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Fri, 13 Dec 2024 02:10:04 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 195 B	293ms 291ms	Image image/png	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2868666566589911&ev=PageView&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&rl=&if=false&ts=1734055804687&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734055804675.426991870100823331&ler=empty&cdl=API_unavailable&it=1734055804110&coo=false&rqm=FGET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447712967783230217"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447712967783230217"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 13 Dec 2024 02:10:05 GMT content-type image/png vary Accept-Encoding x-fb-debug 4SA5pswqnxDTWlum+TqMgpdSyQ9uIYgnuYLBPtMVe2+SIXSfgr3jzqsXZtsEUsCUAbYLm8WmLtwdgJjUuLPQ/g== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447712967783230217", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=26, mss=1232, tbw=12696, tp=27, tpl=0, uplat=159, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	134ms 133ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1055208899231463&ev=PageView&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&rl=&if=false&ts=1734055804693&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734055804675.426991870100823331&ler=empty&cdl=API_unavailable&it=1734055804110&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=26, mss=1232, tbw=8824, tp=21, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Fri, 13 Dec 2024 02:10:05 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 198 B	179ms 177ms	Image image/png	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1055208899231463&ev=PageView&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&rl=&if=false&ts=1734055804693&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734055804675.426991870100823331&ler=empty&cdl=API_unavailable&it=1734055804110&coo=false&rqm=FGET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447712973363743720"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447712973363743720"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 13 Dec 2024 02:10:05 GMT content-type image/png vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447712973363743720", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=133, rtx=0, c=26, mss=1232, tbw=9064, tp=24, tpl=0, uplat=42, ullat=0 pragma no-cache x-fb-debug rkYJp2qAmEaNJRYV15+eaHvLd78TN9+HVw4Ea3ukvnH0Ydf62GdiZ3mMqLpNYS1xo+7jlgdsyi0A1ksFCXxBWw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	219ms 219ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A03%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%223153%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f020a0-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:04 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:04 GMT content-type image/gif last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	saq_pxl Show response tags.srv.stackadapt.com/	138 B 330 B	218ms 218ms	XHR text/plain	18.184.85.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/saq_pxl?uid=RJ4vlpDRxQ7MTd0ZyybTvA&is_js=true&landing_url=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&t=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&tip=tso0Rvt5cFjeWevIWlLWla4uViL1wECjdmwPi-j_wHM&host=https%3A%2F%2Fwww.jamf.com&sa_conv_data_css_value=%270-f09a09db-3f54-5f93-5616-041afeaa0e2f%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9f09a09db3f545f935616041afeaa0e2f1fbb4ec2&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKINAbTgZlB4vQaXQZotPspsvy7wMqFcWwV2HT4l6RErkwENYBGAQg_K7uugYwAToExbdv9kIEbahjrg.SnIf1Lm4maw%252BfewHgLjoq0WoxI9xbiM2cSMlPbB3a4s&sa-user-id-v2=s%253A8JoJ2z9UX5NWFgQa_qoOLx-7TsI.US7EsDUNQid8fexZaE53AtPv1%252Fv%252BU%252FT36yFmsN0USLI&sa-user-id=s%253A0-f09a09db-3f54-5f93-5616-041afeaa0e2f.X4vsyPrwDlmrNSUWxLmvzY3r7PuDZcmx59XGDazHh5Q Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.184.85.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-85-154.eu-central-1.compute.amazonaws.com Software / Resource Hash d468ce6cacd00d07b5e7a9473ca5958ee4342f22e48546b36e4eee058f0f9ae4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers access-control-allow-methods GET access-control-allow-origin https://www.jamf.com content-length 138 date Fri, 13 Dec 2024 02:10:04 GMT content-type text/plain; charset=utf-8 access-control-allow-credentials true access-control-allow-headers *
POST H2	204	d Show response bat.bing.com/p/insights/c/	0 209 B	235ms 229ms	XHR text/plain	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/c/d Requested by Host: bat.bing.com URL: https://bat.bing.com/p/insights/s/0.7.58 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/x-webinsights-gzip Referer https://www.jamf.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6865FDBA5CF84B819C8469FDDD6F22B1 Ref B: TLV30EDGE0106 Ref C: 2024-12-13T02:10:05Z access-control-allow-credentials true request-context appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111 access-control-allow-origin https://www.jamf.com x-cache CONFIG_NOCACHE date Fri, 13 Dec 2024 02:10:04 GMT vary Origin
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	219ms 218ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A04%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224156%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f02dad-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:05 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:05 GMT content-type image/gif last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	Settings.jsonp Show response d.la13-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/Visitor/	353 B 441 B	687ms 214ms	Script text/javascript	3.136.179.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.la13-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[573Dn0000005dTC]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=572Dn0000005dSz&org_id=00DDn000006DSbz&version=48 Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.136.179.150 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-179-150.us-east-2.compute.amazonaws.com Software / Resource Hash 8a9f6613bdec6e28b278ebcea6e5ef3f40fbc4b049e73f61b3666927f7b6e969 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache content-encoding gzip pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires -1 access-control-allow-origin * date Fri, 13 Dec 2024 02:10:06 GMT content-type text/javascript
GET H2	200	EmbeddedServiceConfig.jsonp Show response d.la13-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/EmbeddedService/	15 KB 3 KB	698ms 226ms	Script text/javascript	3.136.179.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.la13-core1.sfdc-8tgtt5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00DDn000006DSbz&EmbeddedServiceConfig.configName=Sales_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=en Requested by Host: service.force.com URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.136.179.150 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-179-150.us-east-2.compute.amazonaws.com Software / Resource Hash 051714c7a8432ece49a03ecad0304752c5837655ebf449d2927461c3deed4b5b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache content-encoding gzip pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires -1 access-control-allow-origin * date Fri, 13 Dec 2024 02:10:05 GMT content-type text/javascript
GET H2	200	favicon-32x32.png www.jamf.com/	414 B 1 KB	162ms 140ms	Other image/png	18.245.86.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.jamf.com/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-43.fra60.r.cloudfront.net Software Apache/2.4.41 (Ubuntu) / Resource Hash f9a6c944861c4f365cb901665b56fcba383b67cdf7c43e533b0ac4d258d1c61f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/blog/tcc-bypass-steals-data-from-icloud/ Response headers etag "19e-6288a0e6ebc40" age 55550 report-to {'group': 'csp-endpoint', 'max_age': 10886400, 'url': '/csp-violation-report-endpoint.php'} x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id wWjCWdz263IiJI8MdFBhXuTEfyLz_vizFW_y3-TykM5ARQjtDQ0Clg== date Thu, 12 Dec 2024 10:44:16 GMT content-type image/png last-modified Thu, 05 Dec 2024 18:27:53 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains content-security-policy-report-only default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri /csp-violation-report-endpoint.php; report-to csp-endpoint via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) referrer-policy strict-origin-when-cross-origin accept-ranges bytes content-length 414 x-amz-cf-pop FRA60-P6 server Apache/2.4.41 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	225ms 224ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A05%20GMT%22%2C%22timeSpent%22%3A%221041%22%2C%22totalTimeSpent%22%3A%225197%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "60bb2e15-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:06 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:06 GMT content-type image/gif last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	232ms 232ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A06%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%226197%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "5e502810-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:07 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:07 GMT content-type image/gif last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	222ms 222ms	Image image/gif	2.17.100.210 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=df43c14ec27d808caca15ca91f6f3fe1&svisitor=null&visitor=78034666-2314-49ad-84bd-5e095c10b2a3&session=32ed4893-3c35-479b-8caa-b36992aa3e16&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Dec%202024%2002%3A10%3A07%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%227202%22%7D&isIframe=false&m=%7B%22description%22%3A%22Jamf%20discovered%20a%20vulnerability%20that%20affects%20iOS%20and%20macOS%20users%20that%20is%20capable%20of%20stealing%20data%20from%20iCloud%2C%20bypassing%20TCC%20protections.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%20%20%20CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability%5Cn%20%20%20%20%20%20%20%20%5Cn%20%20%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&pageViewId=48562a52-5a7a-45f6-8ac6-916d31439e44&v=1.1.30 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-17-100-210.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control max-age=0, no-cache, no-store etag "5e502810-2b" pragma no-cache x-content-type-options nosniff expires Fri, 13 Dec 2024 02:10:08 GMT accept-ranges bytes content-length 43 date Fri, 13 Dec 2024 02:10:08 GMT content-type image/gif last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu)
POST H2	204	collect www.google-analytics.com/g/	0 0	129ms 127ms	Fetch text/plain	216.239.34.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-X3RD84REYK&gtm=45je4cc0v9102491963z872544203za200zb72544203&_p=1734055801161&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=367586833.1734055802&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1734055802&sct=1&seg=0&dl=https%3A%2F%2Fwww.jamf.com%2Fblog%2Ftcc-bypass-steals-data-from-icloud%2F&dt=CVE-2024-44131%20TCC%20Security%20Framework%20Bypass%20Vulnerability&en=user_details&ep.employee_range=&ep.industry=&ep.domain=&ep.revenue_range=&ep.company_name=&ep.country=United%20States&ep.segments=%5Bobject%20Object%5D&ep.segment_id_anonymous=a0160386-50b2-45ba-9920-9d230cfdf314&_et=1663&tfd=10490 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X3RD84REYK&l=dataLayer&cx=c&gtm=45He4cc0v72544203za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.jamf.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.jamf.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 02:10:08 GMT content-type text/plain server Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dsum-sec.casalemedia.com

URL

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7cf36224-a13c-4510-8ae6-7938434acde5&expiration=1736647806&gdpr=0&gdpr_consent=