jumpcloud.com Open in urlscan Pro
2606:4700:4400::6812:2579 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jumpcloud.com/support/july-2023-iocs
Submission: On July 13 via manual (July 13th 2023, 9:07:50 am UTC) from IL — Scanned from DE

Summary HTTP 253 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 56 IPs in 4 countries across 41 domains to perform 253 HTTP transactions. The main IP is 2606:4700:4400::6812:2579, located in United States and belongs to CLOUDFLARENET, US. The main domain is jumpcloud.com. The Cisco Umbrella rank of the primary domain is 14006.
TLS certificate: Issued by E1 on June 28th 2023. Valid for: 3 months.

This is the only time jumpcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
83	2606:4700:440... 2606:4700:4400::6812:2579	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225b:6000:f:89ba:1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:88e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2a04:4e42:200... 2a04:4e42:200::644	54113 (FASTLY) (FASTLY)
9	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
7	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.197.128.15 23.197.128.15	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2600:9000:20c... 2600:9000:20c3:c200:14:6ddd:bc80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:a600:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
13	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
3	44.238.187.145 44.238.187.145	16509 (AMAZON-02) (AMAZON-02)
20	52.205.156.65 52.205.156.65	14618 (AMAZON-AES) (AMAZON-AES)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	44.196.108.64 44.196.108.64	14618 (AMAZON-AES) (AMAZON-AES)
6	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28a8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.139.110 52.222.139.110	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.88.35 99.84.88.35	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:c9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.207.218.163 44.207.218.163	14618 (AMAZON-AES) (AMAZON-AES)
2	18.239.94.97 18.239.94.97	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:62a7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2600:9000:220... 2600:9000:2204:d400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.239.234.229 34.239.234.229	14618 (AMAZON-AES) (AMAZON-AES)
1	13.227.219.120 13.227.219.120	16509 (AMAZON-02) (AMAZON-02)
1	3.208.133.249 3.208.133.249	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	15.197.143.135 15.197.143.135	16509 (AMAZON-02) (AMAZON-02)
253	56

83 2606:4700:4400::6812:2579 (United States)

ASN13335 (CLOUDFLARENET, US)

jumpcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:6000:f:89ba:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

august.takingbackjuly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

june.takingbackjuly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.128.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-128-15.deploy.static.akamaitechnologies.com

a553480116.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20c3:c200:14:6ddd:bc80:93a1 (United States)

ASN16509 (AMAZON-02, US)

segmentcdn.jumpcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:a600:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.238.187.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-187-145.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.205.156.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-156-65.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.108.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-108-64.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28a8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-110.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

11226752.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-35.muc50.r.cloudfront.net

a.smtrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.218.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-218-163.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.94.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-97.ams1.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:62a7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:d400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.234.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-234-229.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-120.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.133.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-133-249.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.143.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	jumpcloud.com jumpcloud.com — Cisco Umbrella Rank: 14006 segmentcdn.jumpcloud.com — Cisco Umbrella Rank: 145320	828 KB
22	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 679 a553480116.cdn.optimizely.com — Cisco Umbrella Rank: 734908 errors.client.optimizely.com — Cisco Umbrella Rank: 8854	94 KB
14	wistia.net fast.wistia.net — Cisco Umbrella Rank: 10844	443 KB
13	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 535	47 KB
11	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 2556 adservice.google.com — Cisco Umbrella Rank: 113	30 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 407	137 KB
8	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 11226752.fls.doubleclick.net Failed stats.g.doubleclick.net — Cisco Umbrella Rank: 130	4 KB
8	takingbackjuly.com august.takingbackjuly.com — Cisco Umbrella Rank: 327042 june.takingbackjuly.com — Cisco Umbrella Rank: 266395	35 KB
7	6sc.co j.6sc.co — Cisco Umbrella Rank: 6369 c.6sc.co — Cisco Umbrella Rank: 9185 ipv6.6sc.co — Cisco Umbrella Rank: 6440 b.6sc.co — Cisco Umbrella Rank: 4176	13 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4752	864 B
6	gstatic.com www.gstatic.com fonts.gstatic.com	404 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 614 p.typekit.net — Cisco Umbrella Rank: 795	67 KB
6	wistia.com fast.wistia.com — Cisco Umbrella Rank: 5801 embed-ssl.wistia.com — Cisco Umbrella Rank: 10489 distillery.wistia.com — Cisco Umbrella Rank: 8946	176 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	313 KB
4	linkedin.com dc.ads.linkedin.com Failed px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	4 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3347 downloads.intercomcdn.com — Cisco Umbrella Rank: 14573	212 KB
3	segment.io api.segment.io — Cisco Umbrella Rank: 1130	520 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	24 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	258 B
2	quora.com a.quora.com — Cisco Umbrella Rank: 9462 q.quora.com — Cisco Umbrella Rank: 4238	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	155 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2743 api-iam.intercom.io — Cisco Umbrella Rank: 2206	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 753 script.hotjar.com — Cisco Umbrella Rank: 1081	73 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 331	745 B
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 169	2 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2812
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	378 B
1	t.co t.co — Cisco Umbrella Rank: 511	378 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1562	638 B
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 4551	131 B
1	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 17554 ibc-flow.techtarget.com Failed	2 KB
1	smtrk.net a.smtrk.net — Cisco Umbrella Rank: 25873	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1396	8 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2814	6 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	304 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
0	twitter.com Failed analytics.twitter.com Failed
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
253	41

	Domain	Requested by
83	jumpcloud.com	jumpcloud.com
20	errors.client.optimizely.com	jumpcloud.com
14	fast.wistia.net	jumpcloud.com fast.wistia.net
13	js-agent.newrelic.com	jumpcloud.com
9	www.google.com	2 redirects jumpcloud.com www.google.com
9	cdn.cookielaw.org	jumpcloud.com cdn.cookielaw.org
7	june.takingbackjuly.com	august.takingbackjuly.com jumpcloud.com
6	www.google.de	www.googletagmanager.com jumpcloud.com
6	segmentcdn.jumpcloud.com	jumpcloud.com
5	www.googletagmanager.com	jumpcloud.com
5	use.typekit.net	jumpcloud.com use.typekit.net
4	b.6sc.co
4	googleads.g.doubleclick.net	2 redirects jumpcloud.com
4	www.gstatic.com	jumpcloud.com www.google.com www.gstatic.com
3	api.segment.io	jumpcloud.com
3	bat.bing.com	jumpcloud.com www.googletagmanager.com
3	fast.wistia.com	jumpcloud.com fast.wistia.com fast.wistia.net
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com jumpcloud.com
2	js.intercomcdn.com	widget.intercom.io
2	connect.facebook.net	jumpcloud.com
2	www.google-analytics.com	jumpcloud.com
2	snap.licdn.com	jumpcloud.com
2	bam.nr-data.net	jumpcloud.com
2	fonts.gstatic.com	www.google.com
2	11226752.fls.doubleclick.net	www.googletagmanager.com
2	www.googleadservices.com	1 redirects jumpcloud.com
2	us-central1-adaptive-growth.cloudfunctions.net	jumpcloud.com
2	embed-ssl.wistia.com	jumpcloud.com fast.wistia.net
1	downloads.intercomcdn.com
1	api-iam.intercom.io	js.intercomcdn.com
1	script.hotjar.com	jumpcloud.com
1	q.quora.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	jumpcloud.com
1	t.co
1	alb.reddit.com
1	adservice.google.com	11226752.fls.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	ipv6.6sc.co	jumpcloud.com
1	c.6sc.co	jumpcloud.com
1	data.adxcel-ec2.com
1	trk.techtarget.com	jumpcloud.com
1	a.smtrk.net	jumpcloud.com
1	a.quora.com	jumpcloud.com
1	static.ads-twitter.com	jumpcloud.com
1	www.redditstatic.com	jumpcloud.com
1	widget.intercom.io	jumpcloud.com
1	static.hotjar.com	jumpcloud.com
1	j.6sc.co	jumpcloud.com
1	distillery.wistia.com	fast.wistia.net
1	cdn.pdst.fm	jumpcloud.com
1	a553480116.cdn.optimizely.com	jumpcloud.com
1	p.typekit.net	use.typekit.net
1	geolocation.onetrust.com	jumpcloud.com
1	fonts.googleapis.com	jumpcloud.com
1	cdn.optimizely.com	jumpcloud.com
1	august.takingbackjuly.com	jumpcloud.com
0	ibc-flow.techtarget.com Failed	jumpcloud.com
0	analytics.twitter.com Failed
0	dc.ads.linkedin.com Failed	www.googletagmanager.com
0	static.cloudflareinsights.com Failed	jumpcloud.com
253	64

This site contains links to these domains. Also see Links.

Domain
console.jumpcloud.com
community.jumpcloud.com
university.jumpcloud.com
www.youtube.com
join.jumpcloudlounge.com
twitter.com
www.facebook.com
www.linkedin.com
www.g2crowd.com
status.jumpcloud.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
jumpcloud.com E1	`2023-06-28` - `2023-09-26`	3 months	crt.sh
*.takingbackjuly.com Amazon RSA 2048 M02	`2023-02-23` - `2024-01-10`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
segmentcdn.jumpcloud.com Amazon RSA 2048 M01	`2023-06-18` - `2024-07-16`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
errors.client.optimizely.com Amazon RSA 2048 M01	`2023-06-04` - `2024-07-02`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-21` - `2023-07-20`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
quora.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
a.smtrk.net Amazon RSA 2048 M02	`2023-05-15` - `2024-06-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.quora.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
intercom-attachments-10.com Amazon RSA 2048 M01	`2023-07-09` - `2024-08-06`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://jumpcloud.com/support/july-2023-iocs
Frame ID: E8140F2DF88A49859310F3676CBCC1EC
Requests: 205 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Frame ID: 2BBA04335CB37F323D97BC850EA267B3
Requests: 8 HTTP requests in this frame

Frame: https://a553480116.cdn.optimizely.com/client_storage/a553480116.html
Frame ID: B262469E6B1DD8335002F9705AD5E09A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbi70ZAAAAADiFVIi4n1etOyUxaCP2cLxtEd4Q&co=aHR0cHM6Ly9qdW1wY2xvdWQuY29tOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ax1u22mpboku
Frame ID: CF0E808A41E3B021D9C1EFFB4A48D76E
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-TCQM2R
Frame ID: F1F2107C99A30DC9A95AB7C5EFEE0E2A
Requests: 4 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Frame ID: 24CDE75828A78BD1151CF4D51F8F2B88
Requests: 11 HTTP requests in this frame

Frame: https://11226752.fls.doubleclick.net/activityi;dc_pre=CKjl3tKqi4ADFYyasgodDOQDDg;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs
Frame ID: D8D19F6FA230143B84F97AF37EC8256B
Requests: 1 HTTP requests in this frame

Frame: https://11226752.fls.doubleclick.net/activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs
Frame ID: 51762B856504B3A0B7CBC7DB6265D83C
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.9ff95336.js
Frame ID: D29C450752823C5F68FC540EBC5517D6
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 79F59E997529A12546E2AAAEBEE2EA3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

July 2023 Incident Indicators of Compromise (IoCs) - JumpCloudBack ButtonFilter Button

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

253
Requests

96 %
HTTPS

57 %
IPv6

41
Domains

64
Subdomains

56
IPs

4
Countries

3140 kB
Transfer

10573 kB
Size

40
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://console.jumpcloud.com/
Title: Login

Search URL Search Domain Scan URL

URL: https://community.jumpcloud.com/
Title: Community Create a new thread or join an existing discussion with JumpCloud experts and other users.

Search URL Search Domain Scan URL

URL: https://university.jumpcloud.com/pages/guided-sims
Title: Guided Product Simulations Learn how to use the JumpCloud Directory Platform by exploring our hands-on simulations.

Search URL Search Domain Scan URL

URL: https://university.jumpcloud.com/
Title: JumpCloud University Get access to comprehensive learning materials and certification opportunities in JCU.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCV9U0J9zvop_Whyh-35M_xg
Title: YouTube Channel Watch videos to learn more about JumpCloud's capabilities, how to use the platform, and more.

Search URL Search Domain Scan URL

URL: https://join.jumpcloudlounge.com/
Title: JumpCloud Lounge on Slack Join conversations in Slack and get quick JumpCloud support from experts and other users.

Search URL Search Domain Scan URL

URL: https://console.jumpcloud.com/signup?email=&first_touch=Non-Paid&first_touch_timestamp=2023-07-13T09:07:42.887Z&jcsgmtuuid=c8904008-d016-4c14-a09a-83a393b9c50b
Title: Try for Free

Search URL Search Domain Scan URL

URL: https://twitter.com/jumpcloud

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/JumpCloud/517890504928642

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/jumpcloud

Search URL Search Domain Scan URL

URL: https://www.g2crowd.com/products/jumpcloud/reviews?utm_source=review-widget

Search URL Search Domain Scan URL

URL: https://status.jumpcloud.com/
Title: Status

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://www.googleadservices.com/pagead/conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=4b6vZKiSBP-D7_UP84u2iAQ&random=567871998&sscte=1&crd=&pscrd=IhMI6IbX0qqLgAMV_8G7CB3zhQ1B HTTP 302
https://www.google.com/pagead/1p-conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=567871998&sscte=1&crd=&pscrd=IhMI6IbX0qqLgAMV_8G7CB3zhQ1B&is_vtc=1&ocp_id=4b6vZKiSBP-D7_UP84u2iAQ&cid=CAQSKQBpAlJWvTtJbx97DTSTfKwMmCTgfg7d-kt0oRUQOS744Sgo7Pukl6ge&random=1626922138 HTTP 302
https://www.google.de/pagead/1p-conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=567871998&sscte=1&crd=&pscrd=IhMI6IbX0qqLgAMV_8G7CB3zhQ1B&is_vtc=1&ocp_id=4b6vZKiSBP-D7_UP84u2iAQ&cid=CAQSKQBpAlJWvTtJbx97DTSTfKwMmCTgfg7d-kt0oRUQOS744Sgo7Pukl6ge&random=1626922138&ipr=y

Request Chain 143

https://11226752.fls.doubleclick.net/activityi;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs HTTP 302
https://11226752.fls.doubleclick.net/activityi;dc_pre=CKjl3tKqi4ADFYyasgodDOQDDg;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs

Request Chain 150

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&label=B4GKCM-B7ZsDEJPbo6kC&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&gtm_ee=1&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=4b6vZKiVBImD7_UP5fubiAE&sscte=1&crd=&pscrd=Ek5DaEFJOE1HLXBRWVFsZmVlMk5HR25hMFpFaVlBYzlFbFdja1VPSnhMdDltSFUwLWRaU2pvR0t3OWs0VmpDamhNMHF6YzJKTDFyVGRPOUEaWENoQUk4TUctcFFZUXE0eUFoYWIta1lSR0VpNEFJQ19sdVhpRFFmVVJkbFZEbVRwMWxFbkFKd3YxSDNrRURaYTFWMHc4c1dLV214SVpodldlS3p3aWgyR04iEwjoidfSqouAAxWJwbsIHeX9BhE HTTP 302
https://www.google.com/pagead/1p-conversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&label=B4GKCM-B7ZsDEJPbo6kC&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&gtm_ee=1&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1HLXBRWVFsZmVlMk5HR25hMFpFaVlBYzlFbFdja1VPSnhMdDltSFUwLWRaU2pvR0t3OWs0VmpDamhNMHF6YzJKTDFyVGRPOUEaWENoQUk4TUctcFFZUXE0eUFoYWIta1lSR0VpNEFJQ19sdVhpRFFmVVJkbFZEbVRwMWxFbkFKd3YxSDNrRURaYTFWMHc4c1dLV214SVpodldlS3p3aWgyR04iEwjoidfSqouAAxWJwbsIHeX9BhE&is_vtc=1&ocp_id=4b6vZKiVBImD7_UP5fubiAE&cid=CAQSKQBpAlJWzz2T9rxAcBglZ_cBqq8Sow_5Mhl8MZctXyIJtCmtCHtbmw-b&random=1517994805 HTTP 302
https://www.google.de/pagead/1p-conversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&label=B4GKCM-B7ZsDEJPbo6kC&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&gtm_ee=1&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1HLXBRWVFsZmVlMk5HR25hMFpFaVlBYzlFbFdja1VPSnhMdDltSFUwLWRaU2pvR0t3OWs0VmpDamhNMHF6YzJKTDFyVGRPOUEaWENoQUk4TUctcFFZUXE0eUFoYWIta1lSR0VpNEFJQ19sdVhpRFFmVVJkbFZEbVRwMWxFbkFKd3YxSDNrRURaYTFWMHc4c1dLV214SVpodldlS3p3aWgyR04iEwjoidfSqouAAxWJwbsIHeX9BhE&is_vtc=1&ocp_id=4b6vZKiVBImD7_UP5fubiAE&cid=CAQSKQBpAlJWzz2T9rxAcBglZ_cBqq8Sow_5Mhl8MZctXyIJtCmtCHtbmw-b&random=1517994805&ipr=y

Request Chain 209

https://11226752.fls.doubleclick.net/activityi;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs HTTP 302
https://11226752.fls.doubleclick.net/activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs

Request Chain 241

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D373868%26time%3D1689239268760%26url%3Dhttps%253A%252F%252Fjumpcloud.com%252Fsupport%252Fjuly-2023-iocs%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&liSync=true&e_ipv6=AQIymAF-Q7Dz_QAAAYlOga-hZs4dQ29vUIp3x_IQltKDJaHusl_ERPyRWY_1QCHBmc0fQmXwbvQe

253 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request july-2023-iocs Show response
jumpcloud.com/support/ 199 KB
39 KB 123ms
69ms Document
text/html 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0709f30da46958311cb3a1eded6ea272077a95661d0ed0e07e91598b26c023

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: wss://.intercom.io https://.intercom.io https://.google.com https://bam.nr-data.net https://ct.capterra.com https://cdn.linkedin.oribi.io/partner/373868/domain/jumpcloud.com/token https://jumpcloud940.outgrow.us/ https://.takingbackjuly.com https://optanon.blob.core.windows.net https://segmentcdn.jumpcloud.com https://c.6sc.co/ https://ipv6.6sc.co/ https://scout.salesloft.com https://www.youtube.com https://secure.adnxs.com https://xd.adobe.com https://embedwistia-a.akamaihd.net https://bat.bing.com https://api.segment.io https://.litix.io https://calendly.com https://.wistia.com https://.wistia.net https://bam-cell.nr-data.net https://privacyportal.onetrust.com https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://js.driftt.com https://analytics.google.com/ https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://.hotjar.io https://.hotjar.com wss://.hotjar.com https://.doubleclick.net https://cdn.cookielaw.org https://.optimizely.com https://.clarity.ms https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.buzzsprout.com; font-src 'self' data: fonts.gstatic.com use.typekit.net; img-src 'self' data: blob: ; script-src 'unsafe-eval' 'unsafe-inline' 'self' blob: https://widget.intercom.io/widget/wgmb0rm8 https://js.intercomcdn.com https://www.youtube.com https://bam.nr-data.net https://.takingbackjuly.com https://cdn-assets-prod.s3.amazonaws.com https://segmentcdn.jumpcloud.com https://cdn.jsdelivr.net https://.clarity.ms https://cloud.jumpcloud.com https://.calendly.com https://cdn.pdst.fm https://cdn.pdst.fm https://bam-cell.nr-data.net https://pi.pardot.com https://js-agent.newrelic.com https://analytics.twitter.com https://platform.twitter.com https://grow.clearbitjs.com https://a.smtrk.net https://trk.techtarget.com https://static.ads-twitter.com https://.wistia.net https://.wistia.com https://js.driftt.com https://a.quora.com https://scout-cdn.salesloft.com https://www.redditstatic.com https://connect.facebook.net https://bat.bing.com https://j.6sc.co https://snap.licdn.com https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://.hotjar.com https://.doubleclick.net https://cdn.cookielaw.org https://.optimizely.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.buzzsprout.com https://geolocation.onetrust.com https://www.gstatic.com https://www.googleadservices.com https://dyv6f9ner1ir9.cloudfront.net/assets/js/sloader.js; style-src 'unsafe-inline' 'self' fonts.googleapis.com use.typekit.net p.typekit.net https://.calendly.com; media-src 'self' data: blob: ;
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 590
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 7e606087eabf695e-FRA
content-encoding: gzip
content-security-policy: default-src 'self' blob: wss://*.intercom.io https://*.intercom.io https://*.google.com https://bam.nr-data.net https://ct.capterra.com https://cdn.linkedin.oribi.io/partner/373868/domain/jumpcloud.com/token https://jumpcloud940.outgrow.us/ https://*.takingbackjuly.com https://optanon.blob.core.windows.net https://segmentcdn.jumpcloud.com https://c.6sc.co/ https://ipv6.6sc.co/ https://scout.salesloft.com https://www.youtube.com https://secure.adnxs.com https://xd.adobe.com https://embedwistia-a.akamaihd.net https://bat.bing.com https://api.segment.io https://*.litix.io https://calendly.com https://*.wistia.com https://*.wistia.net https://bam-cell.nr-data.net https://privacyportal.onetrust.com https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://js.driftt.com https://analytics.google.com/ https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://*.hotjar.io https://*.hotjar.com wss://*.hotjar.com https://*.doubleclick.net https://cdn.cookielaw.org https://*.optimizely.com https://*.clarity.ms https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.buzzsprout.com; font-src 'self' data: fonts.gstatic.com use.typekit.net; img-src 'self' data: blob: *; script-src 'unsafe-eval' 'unsafe-inline' 'self' blob: https://widget.intercom.io/widget/wgmb0rm8 https://js.intercomcdn.com https://www.youtube.com https://bam.nr-data.net https://*.takingbackjuly.com https://cdn-assets-prod.s3.amazonaws.com https://segmentcdn.jumpcloud.com https://cdn.jsdelivr.net https://*.clarity.ms https://cloud.jumpcloud.com https://*.calendly.com https://cdn.pdst.fm https://cdn.pdst.fm https://bam-cell.nr-data.net https://pi.pardot.com https://js-agent.newrelic.com https://analytics.twitter.com https://platform.twitter.com https://grow.clearbitjs.com https://a.smtrk.net https://trk.techtarget.com https://static.ads-twitter.com https://*.wistia.net https://*.wistia.com https://js.driftt.com https://a.quora.com https://scout-cdn.salesloft.com https://www.redditstatic.com https://connect.facebook.net https://bat.bing.com https://j.6sc.co https://snap.licdn.com https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://*.hotjar.com https://*.doubleclick.net https://cdn.cookielaw.org https://*.optimizely.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.buzzsprout.com https://geolocation.onetrust.com https://www.gstatic.com https://www.googleadservices.com https://dyv6f9ner1ir9.cloudfront.net/assets/js/sloader.js; style-src 'unsafe-inline' 'self' fonts.googleapis.com use.typekit.net p.typekit.net https://*.calendly.com; media-src 'self' data: blob: *;
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 09:07:41 GMT
link: <https://jumpcloud.com/wp-json/>; rel="https://api.w.org/" <https://jumpcloud.com/wp-json/wp/v2/support/93689>; rel="alternate"; type="application/json" <https://jumpcloud.com/?p=93689>; rel=shortlink
permissions-policy: camera=(), geolocation=(), microphone=(), payment=(), screen-wake-lock=()
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31622400; includeSubDomains; preload
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-content-type-options: nosniff
x-frame-options: deny
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
x-served-by: cache-chi-klot8100034-CHI, cache-fra-eddf8230074-FRA
x-styx-req-id: 590efc9b-215b-11ee-a59c-2ac443a33091
x-timer: S1689239261.485582,VS0,VE2

GET
H2 200 a8dee78d9d5daed23674204439ed054e.js Show response
august.takingbackjuly.com/i/ 91 KB
34 KB 116ms
17ms Script
text/javascript 2600:9000:225b:6000:f:89ba:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://august.takingbackjuly.com/i/a8dee78d9d5daed23674204439ed054e.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:6000:f:89ba:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 61b2d0a3bc927d214eb606a80059190197c273668bb48f1eab764083cefb2e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 22:16:26 GMT
content-encoding: gzip
via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: MUC50-P1
age: 39075
etag: "16cff-krbkm/H1vNFOaUD9AV+GSuBwajg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 34005
x-amz-cf-id: fn_v5rgV2sVf8iFcHvJHdOgLGqI7A3xVqAVeggOEoXkdMf0ukNttng==
expires: Thu, 13 Jul 2023 10:16:26 GMT

GET
H2 200 553480116.js Show response
cdn.optimizely.com/js/ 295 KB
90 KB 171ms
121ms Script
text/javascript 2a02:26f0:3500:88e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/553480116.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d03866075f8d7d4cdc46cbd2308ff6cb8642efaeb67b2065e02d35bdb73c6869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: fVyiu49NJzXB6RfTrEXTk6O4qm4Bqwb9
content-encoding: gzip
date: Thu, 13 Jul 2023 09:07:41 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 7Q38TDXJGS2HFG7D
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 5224
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=11, origin; dur=101, cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="469233_388276621_722952624_11193_1625_10_0_-";dur=1
content-length: 91066
x-amz-id-2: VNHJ46eeVyIaa86VQnAOKIMo0S10Jns8MMbEnPLz0R3Kpj0TsHFJtHedNIhdryXh+ZBrEslt9dY=
last-modified: Wed, 12 Jul 2023 14:38:20 GMT
server: AmazonS3
etag: "6fe54cdda3082fce99a372f3a3043eb6"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 699 KB
120 KB 48ms
7ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8aae4196ebe99727bac2cd377254e0e26ea24a1e72f565c2e86eaeefb2d057d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1856
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 122799
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-eddf8230057-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239262.886645,VS0,VE0
etag: "df5d140632002c848edf0eba6a85aab0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 270

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8/ 13 KB
4 KB 66ms
25ms Script
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8/OtAutoBlock.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e765bf3e973cff44b58eabffb90b4f23249c842873c2d1a76f84de374d9116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9366
content-md5: FRG2TxrpiAzvR1oWJvRyLA==
content-length: 3265
x-ms-lease-status: unlocked
last-modified: Thu, 08 Sep 2022 16:43:54 GMT
server: cloudflare
etag: 0x8DA91B951122A79
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0016df8b-d01e-00dc-2ce1-5a8ab5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e606088abd335eb-FRA
expires: Fri, 14 Jul 2023 09:07:41 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 61ms
19ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c535c494eb4dbfb732fb09f9716097de5e1c84f1d841a5c98eb14903c1376270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ThapKUuw9e9x4Kb6BZJd6A==
age: 55276
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6767
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:45 GMT
server: cloudflare
etag: 0x8DB81B78770ACB0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2ceab33-801e-0148-5430-b4ac2e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e606088abd435eb-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 83ms
24ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 09:07:42 GMT

GET
H2 200 classic-themes.min.css
jumpcloud.com/wp-includes/css/ 291 B
406 B 34ms
22ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 211
x-served-by: cache-chi-kigq8000020-CHI, cache-fra-eddf8230088-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.976292,VS0,VE1
etag: W/"64ac675b-123"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f5ce44b6-1f72-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abad695e-FRA
x-cache-hits: 1, 1

GET
H2 200 jquery.ui.css
jumpcloud.com//wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/ 22 KB
5 KB 47ms
35ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com//wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/jquery.ui.css?ver=6.2

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d198aa686d1152dea61220e984befd325376330286ffbeb9bba9d43347c2f065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 29131
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 4865
x-served-by: cache-chi-klot8100084-CHI, cache-fra-eddf8230074-FRA
last-modified: Mon, 10 Jul 2023 20:17:28 GMT
server: cloudflare
x-timer: S1689210131.829536,VS0,VE2
etag: W/"64ac6758-5940"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ee15b765-1f6b-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb0695e-FRA
x-cache-hits: 1, 1

GET
H2 200 dashicons.min.css
jumpcloud.com/wp-includes/css/ 58 KB
36 KB 31ms
19ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/css/dashicons.min.css?ver=6.2

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35329
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 36701
x-served-by: cache-chi-klot8100103-CHI, cache-fra-eddf8230116-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689203932.288285,VS0,VE2
etag: W/"64ac675b-e688"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f5ce21f0-1f72-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb1695e-FRA
x-cache-hits: 1, 1

GET
H2 200 styles.ac945b8a75df8a0a52e5.css
jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/ 554 KB
106 KB 34ms
22ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b3acf2de1acdcd7940db38ad5055f2abce6f853a69f3512f2cbf1060eb55a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35284
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 108412
x-served-by: cache-chi-klot8100034-CHI, cache-fra-eddf8230089-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689203977.201012,VS0,VE2
etag: W/"64ac675b-8a8cf"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f5ce3219-1f72-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb2695e-FRA
x-cache-hits: 1, 1

GET
H2 200 wp-polyfill-inert.min.js Show response
jumpcloud.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 46ms
34ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 2786
x-served-by: cache-chi-klot8100027-CHI, cache-fra-eddf8230085-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.990418,VS0,VE2
etag: W/"64ac675a-1feb"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a1a67fad-1f6f-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb4695e-FRA
x-cache-hits: 4, 1

GET
H2 200 regenerator-runtime.min.js Show response
jumpcloud.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 45ms
34ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 2694
x-served-by: cache-chi-klot8100136-CHI, cache-fra-eddf8230029-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.986110,VS0,VE1
etag: W/"64ac675a-19cf"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f5ccb32d-1f72-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb5695e-FRA
x-cache-hits: 1, 1

GET
H2 200 wp-polyfill.min.js Show response
jumpcloud.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 48ms
37ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 7343
x-served-by: cache-chi-klot8100165-CHI, cache-fra-eddf8230030-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.979055,VS0,VE0
etag: W/"64ac675a-459f"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 9182463b-1f60-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb7695e-FRA
x-cache-hits: 4, 2

GET
H2 200 hooks.min.js Show response
jumpcloud.com/wp-includes/js/dist/ 5 KB
2 KB 47ms
36ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 1766
x-served-by: cache-chi-kigq8000114-CHI, cache-fra-eddf8230028-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.983480,VS0,VE1
etag: W/"64ac675b-132e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f5cc198a-1f72-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb8695e-FRA
x-cache-hits: 2, 1

GET
H2 200 i18n.min.js Show response
jumpcloud.com/wp-includes/js/dist/ 10 KB
4 KB 26ms
21ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 4139
x-served-by: cache-chi-klot8100093-CHI, cache-fra-eddf8230110-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.985801,VS0,VE1
etag: W/"64ac675a-27f6"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a1a62310-1f6f-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abb9695e-FRA
x-cache-hits: 1, 1

GET
H2 200 jquery.min.js Show response
jumpcloud.com/wp-includes/js/jquery/ 88 KB
36 KB 41ms
36ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35329
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 36154
x-served-by: cache-chi-klot8100063-CHI, cache-fra-eddf8230034-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203932.289122,VS0,VE2
etag: W/"64ac675a-15ed7"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 73143ddf-1f68-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088abba695e-FRA
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
jumpcloud.com/wp-includes/js/jquery/ 13 KB
5 KB 46ms
42ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 5262
x-served-by: cache-chi-klot8100151-CHI, cache-fra-eddf8230091-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.984796,VS0,VE2
etag: W/"64ac675a-3470"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f5ccb44c-1f72-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088bbc2695e-FRA
x-cache-hits: 1, 1

GET
H2 200 cm-search-and-replace-frontend.js Show response
jumpcloud.com//wp-content/plugins/cm-search-and-replace-pro/assets/js/ 88 B
353 B 47ms
43ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com//wp-content/plugins/cm-search-and-replace-pro/assets/js/cm-search-and-replace-frontend.js?ver=6.2

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a256b91dd54d7cc37710eeba8dd39a3c970699a0d0b3c711076d083b6c0d7293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 88
x-served-by: cache-chi-klot8100175-CHI, cache-fra-eddf8230060-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.986500,VS0,VE1
etag: W/"64ac6759-58"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f5ccc1b9-1f72-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088bbc4695e-FRA
x-cache-hits: 1, 1

GET
H2 200 settings.js Show response
jumpcloud.com//wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/ 15 KB
4 KB 47ms
42ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com//wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/settings.js?ver=6.2

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2cf76ff852d2e95517b08111f27868137a6afba64ad34a4ea0e87c160e3a367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 3788
x-served-by: cache-chi-klot8100077-CHI, cache-fra-eddf8230047-FRA
last-modified: Mon, 10 Jul 2023 20:17:28 GMT
server: cloudflare
x-timer: S1689204267.980336,VS0,VE1
etag: W/"64ac6758-3d43"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f5cdc2db-1f72-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606088bbc5695e-FRA
x-cache-hits: 1, 1

GET
H2 200 search-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/ 313 B
588 B 20ms
19ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/search-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784a8fadab348ad6d2d79afc0afa939efd1a80661f9e72f935b5f940291906b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-h2lcf
content-length: 313
x-served-by: cache-chi-kigq8000058-CHI, cache-fra-eddf8230103-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.065279,VS0,VE1
etag: "64ac675a-139"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: eb1a0986-1f6a-11ee-aff5-3e075461db89
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608c382d695e-FRA
x-cache-hits: 1, 1

GET
H2 200 navigation-language-bold-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/ 1 KB
1 KB 18ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation-language-bold-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ead694ca881dd884f39320894e1d11f7e3ce6d86dcbad90c724101c59f4ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 1063
x-served-by: cache-chi-klot8100092-CHI, cache-fra-eddf8230092-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.096310,VS0,VE2
etag: "64ac675b-427"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6df0d8e-1f72-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608c5850695e-FRA
x-cache-hits: 1, 1

GET
H2 200 identity-lifecycle.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
2 KB 18ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/identity-lifecycle.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ce2b8c1429fdb2312613e5b756a2f39e175b13433feeca2a38270afd86d053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 1381
x-served-by: cache-chi-klot8100119-CHI, cache-fra-eddf8230077-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.100695,VS0,VE2
etag: "64ac675b-565"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f9b92a7a-1f6d-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608c7876695e-FRA
x-cache-hits: 0, 1

GET
H2 200 access-management-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 2 KB
2 KB 17ms
16ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/access-management-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b53461ad125c8107cb60cb17d2c8e1a62bfcfde6d41d6f7532a2082c723d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 2268
x-served-by: cache-chi-klot8100092-CHI, cache-fra-eddf8230120-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.136013,VS0,VE1
etag: "64ac675a-8dc"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e25aa5-1f72-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608c988d695e-FRA
x-cache-hits: 1, 1

GET
H2 200 infrastructure-security-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
2 KB 17ms
17ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/infrastructure-security-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2df1d3ac00448cf75832b95fc3bf596a34ccf17d1e6f2f60f4b4c691c7669d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 1534
x-served-by: cache-chi-kigq8000134-CHI, cache-fra-eddf8230117-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.148851,VS0,VE23
etag: "64ac6759-5fe"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6eac166-1f72-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608cb8a6695e-FRA
x-cache-hits: 3, 1

GET
H2 200 unify-stack.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 19ms
19ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/unify-stack.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3618d3af5aca10765adde4f941429c21365ee5febac1a24f10844c238a188fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 1247
x-served-by: cache-chi-klot8100173-CHI, cache-fra-eddf8230105-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.181801,VS0,VE1
etag: "64ac6759-4df"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 918c9691-1f60-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608cd8c8695e-FRA
x-cache-hits: 1, 1

GET
H2 200 zero-trust.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 878 B
1 KB 16ms
16ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/zero-trust.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60c140d9afbd81e2a4098fa38071b29490dba0e5e334e67f9b33236d6708718b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 878
x-served-by: cache-chi-klot8100077-CHI, cache-fra-eddf8230039-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.208641,VS0,VE12
etag: "64ac675a-36e"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 6067bae5-1f71-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608cf8f3695e-FRA
x-cache-hits: 3, 1

GET
H2 200 compliance.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 917 B
1 KB 17ms
17ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/compliance.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

536873ab97123904a2864c42dc014f8f67b04b68fdc2359d609806d299629f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-qmc4p
content-length: 917
x-served-by: cache-chi-kigq8000100-CHI, cache-fra-eddf8230124-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.223598,VS0,VE2
etag: "64ac675b-395"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e22ff4-1f72-11ee-a85b-aa2b4b163e62
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608d1917695e-FRA
x-cache-hits: 2, 1

GET
H2 200 hybrid-work-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
2 KB 23ms
22ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/hybrid-work-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e130e6bf32fae2a3cca16864232b012c6e594602fd80c3c307adf8dfbd37986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 1486
x-served-by: cache-chi-klot8100148-CHI, cache-fra-eddf8230047-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.262234,VS0,VE1
etag: "64ac675a-5ce"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6eb2569-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608d393b695e-FRA
x-cache-hits: 1, 1

GET
H2 200 directories.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 16ms
15ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/directories.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f896280f1b1305ff591eeb8f6a62d979af87dee1f432e9eebf5ef7cf3762ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 1083
x-served-by: cache-chi-kigq8000084-CHI, cache-fra-eddf8230136-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.262898,VS0,VE2
etag: "64ac6759-43b"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ed42da-1f72-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608d5952695e-FRA
x-cache-hits: 2, 1

GET
H2 200 mfa.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 924 B
1 KB 28ms
16ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/mfa.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81b5318097825012bb257f590a0ff68a499d30ff7e61a0a1cd228efe7055a345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 31870
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 924
x-served-by: cache-chi-kigq8000058-CHI, cache-fra-eddf8230066-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689207393.603082,VS0,VE2
etag: "64ac675a-39c"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e2939a-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608d8984695e-FRA
x-cache-hits: 1, 1

GET
H2 200 conditional-access.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 943 B
1 KB 17ms
16ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/conditional-access.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a50933c231329043b96d5ba48377e25539bc25519c5f8bbab0e016488e1312a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 943
x-served-by: cache-chi-klot8100109-CHI, cache-fra-eddf8230086-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.303671,VS0,VE1
etag: "64ac6759-3af"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: a218926d-1f6f-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608da9a4695e-FRA
x-cache-hits: 1, 1

GET
H2 200 password-manager.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 922 B
1 KB 18ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/password-manager.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

570ce7a565a3a410eb01dcdd83f4a30228e67a780f4a8e5e30168e59d97d38d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 922
x-served-by: cache-chi-kigq8000165-CHI, cache-fra-eddf8230080-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.336020,VS0,VE2
etag: "64ac6759-39a"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e2b109-1f72-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608dc9c5695e-FRA
x-cache-hits: 2, 1

GET
H2 200 hris.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 951 B
1 KB 22ms
20ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/hris.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c52779ad878e5d9734b510399168381cc81de782e02caff97589654eef0188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 951
x-served-by: cache-chi-kigq8000164-CHI, cache-fra-eddf8230126-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.341485,VS0,VE1
etag: "64ac6759-3b7"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e2b3e7-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608de9f4695e-FRA
x-cache-hits: 2, 1

GET
H2 200 api-services.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 993 B
1 KB 20ms
20ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/api-services.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edf5e12d9d3961a49d0af32e4f5d2429b06792cfd32214567ba63016c17aa906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 993
x-served-by: cache-chi-klot8100176-CHI, cache-fra-eddf8230098-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.377264,VS0,VE2
etag: "64ac6759-3e1"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e47a10-1f72-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608e0a19695e-FRA
x-cache-hits: 2, 1

GET
H2 200 sso.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 818 B
1023 B 22ms
22ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/sso.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309abb0cf20e94cabfb70b068860024fb3dc7a44140dea8a95c5ce0d7fd05752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 818
x-served-by: cache-chi-kigq8000026-CHI, cache-fra-eddf8230090-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.433565,VS0,VE1
etag: "64ac675b-332"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ed2f96-1f72-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608e2a41695e-FRA
x-cache-hits: 1, 1

GET
H2 200 cloud-ldap.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 20ms
20ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/cloud-ldap.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2e510a5b489b6a65e7eb26d4884bb2e257eed2152a04b099ed5e72c18340a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 1083
x-served-by: cache-chi-kigq8000084-CHI, cache-fra-eddf8230120-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204267.418352,VS0,VE1
etag: "64ac675a-43b"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ec2767-1f72-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608e5a5a695e-FRA
x-cache-hits: 1, 1

GET
H2 200 cloud-radius.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 18ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/cloud-radius.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb3fabfc38cb91e680aebd33909d35b194cfc5bde0b20a1b13aa70c7b8348741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-qmc4p
content-length: 1293
x-served-by: cache-chi-kigq8000104-CHI, cache-fra-eddf8230094-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204267.459425,VS0,VE2
etag: "64ac6759-50d"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6eab4c5-1f72-11ee-a85b-aa2b4b163e62
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608e7a83695e-FRA
x-cache-hits: 1, 1

GET
H2 200 directory-insights.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 849 B
1 KB 42ms
42ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/directory-insights.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e362edf2572f4eb4c9da549b8cdeca23bf9bc29068141ab555d33d1cea7804c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 849
x-served-by: cache-chi-kigq8000069-CHI, cache-fra-eddf8230031-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204267.474268,VS0,VE1
etag: "64ac675b-351"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e2a721-1f72-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608e9aa3695e-FRA
x-cache-hits: 1, 1

GET
H2 200 app-catalog.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 751 B
950 B 17ms
17ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/app-catalog.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d95beb65382a23541b3902f37b5d2075d0c5dba76629429637e5996e659668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-h2lcf
content-length: 751
x-served-by: cache-chi-kigq8000062-CHI, cache-fra-eddf8230103-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.507681,VS0,VE1
etag: "64ac675a-2ef"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ec1064-1f72-11ee-aff5-3e075461db89
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608edb14695e-FRA
x-cache-hits: 4, 1

GET
H2 200 device-management.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 893 B
1 KB 21ms
21ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/device-management.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b41e6a8d4534782df60ae794523c25141f706b43387e824d442e21afb16444a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 33889
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 893
x-served-by: cache-chi-kigq8000109-CHI, cache-fra-eddf8230045-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689205374.855424,VS0,VE1
etag: "64ac6759-37d"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: a21b180c-1f6f-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608efb31695e-FRA
x-cache-hits: 1, 1

GET
H2 200 mdm.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 439 B
693 B 20ms
20ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/mdm.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146b3872523f6561bf59bbb4505e216321d647659306438788362a1dce1a6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-b2tpf
content-length: 439
x-served-by: cache-chi-kigq8000090-CHI, cache-fra-eddf8230079-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.543730,VS0,VE2
etag: "64ac6759-1b7"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e31439-1f72-11ee-8ef4-4ec43451c5bf
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608f1b5d695e-FRA
x-cache-hits: 3, 1

GET
H2 200 remote-work.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 969 B
1 KB 20ms
19ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/remote-work.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5bec9af8e77fe2faa13f6e8a825df3f77ec8dadedc12f8a12198654e9a843e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-qmc4p
content-length: 969
x-served-by: cache-chi-klot8100036-CHI, cache-fra-eddf8230063-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.558093,VS0,VE1
etag: "64ac6759-3c9"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: a2196957-1f6f-11ee-a85b-aa2b4b163e62
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608f4b84695e-FRA
x-cache-hits: 3, 1

GET
H2 200 patch-management.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 977 B
1 KB 16ms
16ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/patch-management.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d473071d7eb11b2e776a42e147ca3701757eeab8a0046cb8946670462d919281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 977
x-served-by: cache-chi-klot8100030-CHI, cache-fra-eddf8230054-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.583264,VS0,VE2
etag: "64ac675a-3d1"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: ebcc7a74-1f6a-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608f6ba4695e-FRA
x-cache-hits: 1, 1

GET
H2 200 system-insights.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 751 B
954 B 22ms
21ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/system-insights.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bcc73047800651076329489373e67962856c64c2f0c546196411e33633a849a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 751
x-served-by: cache-chi-klot8100076-CHI, cache-fra-eddf8230125-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.605718,VS0,VE2
etag: "64ac6759-2ef"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 7b8304a7-1f70-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608f8bbd695e-FRA
x-cache-hits: 0, 1

GET
H2 200 cloud-and-msps.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 25ms
25ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/cloud-and-msps.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b844c427ab2f2414b8b5a3772d5df9a29cbecb860c7cc45a1ced53c827660070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 1121
x-served-by: cache-chi-kigq8000021-CHI, cache-fra-eddf8230119-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.625402,VS0,VE1
etag: "64ac6759-461"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e74a52-1f72-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fabe6695e-FRA
x-cache-hits: 1, 1

GET
H2 200 mtp.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1001 B
1 KB 20ms
20ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/mtp.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff6344250e4d71c1247bf8973dfff318ae7684f773ef79d7004e61e799fb0f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-h2lcf
content-length: 1001
x-served-by: cache-chi-klot8100104-CHI, cache-fra-eddf8230114-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.644322,VS0,VE2
etag: "64ac6759-3e9"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: ebd256d2-1f6a-11ee-aff5-3e075461db89
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fbbfb695e-FRA
x-cache-hits: 1, 1

GET
H2 200 become-a-partner.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 2 KB
2 KB 42ms
35ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/become-a-partner.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dcb1a7b69b67c5c2e0f28ed05aea42e13d66f9e78fc17662e566d02fc02a5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 1974
x-served-by: cache-chi-klot8100077-CHI, cache-fra-eddf8230118-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.664682,VS0,VE2
etag: "64ac6759-7b6"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6eee74d-1f72-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fdc12695e-FRA
x-cache-hits: 2, 1

GET
H2 200 existing-partners.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 2 KB
2 KB 43ms
38ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/existing-partners.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f3bb8012b12f58272fdbd494a94e59ad75392ce28ea4d0b2922154f41e0935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 1812
x-served-by: cache-chi-kigq8000122-CHI, cache-fra-eddf8230124-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.685813,VS0,VE2
etag: "64ac6759-714"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f9baa528-1f6d-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec13695e-FRA
x-cache-hits: 0, 1

GET
H2 200 global-partner.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 23ms
17ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/global-partner.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1510744315e101cd2f503452a89203aebd110e39b24ebea1e079c32042a15447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 1182
x-served-by: cache-chi-klot8100056-CHI, cache-fra-eddf8230041-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.703040,VS0,VE1
etag: "64ac6759-49e"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ef2e45-1f72-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec15695e-FRA
x-cache-hits: 2, 1

GET
H2 200 technology-partners.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 128ms
123ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/technology-partners.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0f772f4a0ddda704a3b90640c7cc5c0d4350fbaf9deb737c17a15661d3c7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 1273
x-served-by: cache-chi-klot8100153-CHI, cache-fra-eddf8230089-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204268.726327,VS0,VE2
etag: "64ac675b-4f9"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6f2be10-1f72-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec16695e-FRA
x-cache-hits: 3, 1

GET
H2 200 demo.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 441 B
635 B 31ms
26ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/demo.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e35ef5e8d309d079ddec6c6578db6a316b5b3bd34a206835291ff1c4ed228c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-h2lcf
content-length: 441
x-served-by: cache-chi-klot8100039-CHI, cache-fra-eddf8230021-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204268.741024,VS0,VE2
etag: "64ac675b-1b9"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 919151a0-1f60-11ee-aff5-3e075461db89
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec17695e-FRA
x-cache-hits: 1, 1

GET
H2 200 community.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 847 B
1 KB 25ms
19ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/community.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

824604c53234faf12d9816b588a1ad5824e3d51fbbe28c79d97b74224a054ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 847
x-served-by: cache-chi-kigq8000122-CHI, cache-fra-eddf8230103-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204268.765862,VS0,VE2
etag: "64ac675b-34f"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6f08f95-1f72-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec18695e-FRA
x-cache-hits: 1, 1

GET
H2 200 it-hour.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 768 B
994 B 24ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/it-hour.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5490892e0ada9be12ebabd9665b664524a8105522e0b071290f55e8c0f6b6b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 768
x-served-by: cache-chi-kigq8000130-CHI, cache-fra-eddf8230047-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.772379,VS0,VE1
etag: "64ac675a-300"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 7b84d9bb-1f70-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec19695e-FRA
x-cache-hits: 0, 1

GET
H2 200 webinar.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 945 B
1 KB 25ms
20ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/webinar.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

712cc78ac515f422bd69e196118c53c1e22454385fb25933df32c7b7c4b13f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 945
x-served-by: cache-chi-kigq8000117-CHI, cache-fra-eddf8230054-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204268.798749,VS0,VE2
etag: "64ac675b-3b1"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 918ef6ff-1f60-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec1b695e-FRA
x-cache-hits: 2, 1

GET
H2 200 events.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 487 B
754 B 30ms
25ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/events.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d7fd7a8d4f50180b0060f474771db5366ca9a37fc91a6fdf94c55af0f74373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 487
x-served-by: cache-chi-kigq8000160-CHI, cache-fra-eddf8230021-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.802084,VS0,VE1
etag: "64ac6759-1e7"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6e7e88b-1f72-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec1c695e-FRA
x-cache-hits: 1, 1

GET
H2 200 guided-sims.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 1 KB
1 KB 29ms
24ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/guided-sims.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1021521fbf40f82a9f2f83581eea570bb5cb10a9cd56757e999edb2fb6f662e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 1072
x-served-by: cache-chi-klot8100108-CHI, cache-fra-eddf8230093-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.838885,VS0,VE1
etag: "64ac6759-430"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ef45a3-1f72-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec1d695e-FRA
x-cache-hits: 1, 1

GET
H2 200 resources.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 447 B
646 B 40ms
35ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/resources.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cde4f9680f7d0b5f6d31a6dda6a472f836fa38f47149b72ab64a82038ce9f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 447
x-served-by: cache-chi-kigq8000114-CHI, cache-fra-eddf8230119-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.833280,VS0,VE2
etag: "64ac675a-1bf"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6f21a39-1f72-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec25695e-FRA
x-cache-hits: 1, 1

GET
H2 200 blog.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 648 B
862 B 31ms
26ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/blog.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d30cd0d1a27989b224925a08530064b4f54290414c0617a60dfb9eb1bcb9872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 648
x-served-by: cache-chi-kigq8000050-CHI, cache-fra-eddf8230098-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.920447,VS0,VE2
etag: "64ac6759-288"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6f04c51-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec27695e-FRA
x-cache-hits: 1, 1

GET
H2 200 jcu.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 818 B
1023 B 34ms
30ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/jcu.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a58cac8b6df4b0033384913e40759aad81f4606e475d8b6faf34aa95e8450cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-b2tpf
content-length: 818
x-served-by: cache-chi-kigq8000098-CHI, cache-fra-eddf8230044-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.908418,VS0,VE2
etag: "64ac6759-332"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6f520a5-1f72-11ee-8ef4-4ec43451c5bf
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec29695e-FRA
x-cache-hits: 3, 1

GET
H2 200 youtube.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 485 B
747 B 31ms
27ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/youtube.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e146c630ba96055eaeab0c72d41681e2fb7f1ac4ff30358704cd319ffb2d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 485
x-served-by: cache-chi-klot8100161-CHI, cache-fra-eddf8230102-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.950940,VS0,VE2
etag: "64ac675a-1e5"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f9bb77f4-1f6d-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec2a695e-FRA
x-cache-hits: 0, 1

GET
H2 200 case-studies.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 423 B
617 B 49ms
45ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/case-studies.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05f5c3c1577b97977d82a655f1a2b2c02b1b5fb63e397175866a678ecf80976a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34994
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 423
x-served-by: cache-chi-kigq8000135-CHI, cache-fra-eddf8230062-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.009580,VS0,VE2
etag: "64ac6759-1a7"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6f6853d-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec2c695e-FRA
x-cache-hits: 2, 1

GET
H2 200 support.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 988 B
1 KB 41ms
37ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/support.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34ae75103af996469e5ebd1f396bdaa2553d2c7f401f9c069714821ae4742a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34994
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-h2lcf
content-length: 988
x-served-by: cache-chi-kigq8000083-CHI, cache-fra-eddf8230082-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.997689,VS0,VE1
etag: "64ac6759-3dc"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 7b874ff7-1f70-11ee-aff5-3e075461db89
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec2d695e-FRA
x-cache-hits: 0, 1

GET
H2 200 pro-services.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/ 875 B
1 KB 33ms
29ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation/nav-icons/pro-services.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4bf87c4244bc2563018aed497133dd23c87ee9774e5210d61ebd247367a54cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34994
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 875
x-served-by: cache-chi-kigq8000111-CHI, cache-fra-eddf8230116-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.047039,VS0,VE1
etag: "64ac6759-36b"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: a21f359d-1f6f-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec2e695e-FRA
x-cache-hits: 4, 1

GET
H2 200 user-login-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/ 986 B
1 KB 43ms
39ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/user-login-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fbd0ffb77d3b64d6fb46cf9232ec6b2ca73dfb7770a3f08903fc377f046748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34994
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-h2lcf
content-length: 986
x-served-by: cache-chi-kigq8000151-CHI, cache-fra-eddf8230023-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689204268.052650,VS0,VE2
etag: "64ac675b-3da"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 9190bff4-1f60-11ee-aff5-3e075461db89
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec2f695e-FRA
x-cache-hits: 1, 1

GET
H2 200 navigation-language-light-icon.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/ 1007 B
1 KB 40ms
36ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/navigation-language-light-icon.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96c32d434152ea65e025a4da07fc6961f7f18072d52df5bdfe7ac6afea106976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34994
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 1007
x-served-by: cache-chi-klot8100117-CHI, cache-fra-eddf8230070-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.085640,VS0,VE2
etag: "64ac6759-3ef"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: f6ec350c-1f72-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec31695e-FRA
x-cache-hits: 1, 1

GET
H2 200 icon-rss.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/support/ 520 B
696 B 44ms
40ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/support/icon-rss.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79a825f080f5d401955c2b229b7ffc2a3a90c4a290e258256f892c86a3798384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 520
x-served-by: cache-chi-kigq8000147-CHI, cache-fra-eddf8230028-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204268.866884,VS0,VE1
etag: "64ac6759-208"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 5f6d16ef-1f5f-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608fec32695e-FRA
x-cache-hits: 1, 1

GET
H2 200 segment.b3e8d3a38280366410db.js Show response
jumpcloud.com//wp-content/themes/jumpcloud/assets/js/ 46 KB
18 KB 22ms
22ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com//wp-content/themes/jumpcloud/assets/js/segment.b3e8d3a38280366410db.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843c8aaf7dde68a58b802d89536d50d1ba0087a703f977638b64965af3ce580c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35329
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 18455
x-served-by: cache-chi-kigq8000120-CHI, cache-fra-eddf8230030-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689203932.374316,VS0,VE5
etag: W/"64ac6759-b6d0"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 292ff77a-1f67-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060894c7b695e-FRA
x-cache-hits: 2, 1

GET
H2 200 scripts.721faaf8a56dcbb6cc82.js Show response
jumpcloud.com//wp-content/themes/jumpcloud/assets/js/ 518 KB
197 KB 17ms
17ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com//wp-content/themes/jumpcloud/assets/js/scripts.721faaf8a56dcbb6cc82.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a7e56224cfd8bd6fce973396480cd200b6c5d0e92739757ae20d06dd402d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:41 GMT
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35329
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 201169
x-served-by: cache-chi-klot8100154-CHI, cache-fra-eddf8230123-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689203932.401758,VS0,VE5
etag: W/"64ac6759-8169d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f665964c-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60608a7e0d695e-FRA
x-cache-hits: 1, 1

GET
H2 200 ct Show response
june.takingbackjuly.com/ 3 KB
1 KB 419ms
116ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://june.takingbackjuly.com/ct?id=13278&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1689239261816&hl=2&op=0&ag=3420082901&rand=9421580007925022000919851699861123895132750210145951522701007391092098990906011&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI0ODBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjI0LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIxLDAsMCwwLDEsMSwwLDAsMSw4LDAsMSwzMSwwLDEsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMSwyOCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMSwwLDAiXSxbLTEsIi0iXSxbLTIsIjIwLGVjWEdYMTlubnJ2Vk8ySmRsTmh4QktRa0x2U0ZkQVFCQ2xoMTRWVVZGQWxGNytDQUlxWFJCRkNFMTZGWWtvVlVwQVdoQVNJRDJrWjVOdFUrNjliLzErNTg3Y3pXUkpBUGxHbDkiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY4OTIzOTI2MTc3OCwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwibCwtMSwtMSwxLDAsMSwwLDMxLDIyLDgwLC0xLDAsLCw0MTAsNDExIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZV0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIxMDAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjMyOTk5MTM2OVwiLFwiXzFcIixcIjcwMTc0NjY2OFwiLFwiMjc1ODYzNzQwN1wiLFwiMzM0MTg4NTE4OFwiXSxcImRcIjpbXSxcInNcIjoxfSJdLFstNTUsIjAiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRNElBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkalN4a1JVVTFOU1VvREZoWllURjVNU2swWFRWaFNVRmRlVzFoYVVsTk1WVUFYV2xaVUZsQVdXQUZkWEZ3T0FWMEFYUXhkV0Z4ZEN3b1BEZzBMQ1EwTkNnQmNYUWtNRFZ3WFUwb0RDQU1QQ2c0TUR4QVZXRTBaVFJkY1FVbFdTMDFLR1JGUlRVMUpTZ01XRmxoTVhreEtUUmROV0ZKUVYxNWJXRnBTVTB4VlFCZGFWbFFXVUJaWUFWMWNYQTRCWFFCZERGMVlYRjBMQ2c4T0RRc0pEUT09Il0sWy01OCwiLSJdLFstNTksImRlZmF1bHQiXSxbLTYwLDIyMF0sWy02MSwie1wicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWyJkZGIiLCIwLDIxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDQsMSwxLDAsMCwwLDEsMSw4LDAsMCwxMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDIsMCw2LDAiXSxbImJuY2giLDE0OV0sWyJhYm5jaCIsMTQ5XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=ZHfL6aJIMn&pto=445&ver=54&gac=-&mei=&ap=&fe=1&duid=1.1689239261.VaMABxVgbN4VNNF1&suid=1.1689239261.65WD3QDdvs0rsenp&tuid=1.1689239261.X8sLWZK0XUXW62L2&fbc=-&gtm=-&it=18%2C130%2C132&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: august.takingbackjuly.com
URL: https://august.takingbackjuly.com/i/a8dee78d9d5daed23674204439ed054e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f5da14392ce23dec9019e2cfa79d64d8a30611a659cf7458b08ab3ee7420ea8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 13 Jul 2023 09:07:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1240
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2f8f41b6-56b2-430a-8d2e-a63f62fc69d8.json Show response
cdn.cookielaw.org/consent/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8/ 4 KB
2 KB 56ms
40ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189159aeb82d7c71965b168f1364d75654f8e33a0785dc716103731425aea159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3275
content-md5: dMehTs8FLjmzD4KPBaKITw==
content-length: 1653
x-ms-lease-status: unlocked
last-modified: Thu, 08 Sep 2022 16:43:54 GMT
server: cloudflare
etag: 0x8DA91B951133BC2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3774ae61-501e-0001-3ae1-5ad91b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e60608b3860bb79-FRA
expires: Fri, 14 Jul 2023 09:07:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 67ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Serif+Pro:ital,wght@0,400;0,700;0,900;1,600&display=swap

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed322438e5f9242f61ffb0d83813d40419ac47aaf942a0fe8de27af198b20fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 09:07:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 09:07:42 GMT

GET
H2 200 wnx0fhv.css
use.typekit.net/ 6 KB
1 KB 159ms
9ms Stylesheet
text/css 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wnx0fhv.css

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

36082d6055ae2cd017f681602b13beb92416726e0d57e968738963b1ec0b949b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 13 Jul 2023 09:07:42 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 897

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 63ms
26ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7e60608bfb893631-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.33.0/ 336 KB
80 KB 42ms
38ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0152531ece5b19aa743208c31fd9f9284282bc97a2ec666de5cf770a9aeee0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: snqI9a2h7X2bbSiony0guw==
age: 17729
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 81354
x-ms-lease-status: unlocked
last-modified: Wed, 13 Apr 2022 01:38:27 GMT
server: cloudflare
etag: 0x8DA1CEE4EF01A44
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ee38e551-a01e-003d-43e1-5a6dc0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e60608fed4235eb-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 565ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wnx0fhv&ht=tk&f=24352.24353.24355.24356.43309.43310.43311.43312&a=83489945&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wnx0fhv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/wnx0fhv.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
last-modified: Fri, 21 Apr 2023 14:15:25 GMT
server: nginx
etag: "64429a7d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 1gyatbjnbt Show response
fast.wistia.net/embed/iframe/ Frame 2BBA 9 KB
3 KB 59ms
11ms Document
text/html 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dff4d2ac67d11d84ddbb83b39b973714a2d0a4737d29b73a03f056e47896a190

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 88302
cache-control: public, no-cache
content-encoding: br
content-length: 2618
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 09:07:42 GMT
etag: W/"dff4d2ac67d11d84ddbb83b39b973714"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 f61b2fd488f2b56ce284c14d3ee66f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: 7Vhem_ZJc6E4HK6FcCye0RySuklxTILo4zP1M-8ys9dutjLUwektzQ==
x-amz-cf-pop: IAD55-P2
x-browser: chrome
x-browser-version: 114
x-cache: Miss from cloudfront, MISS, HIT
x-cache-hits: 0, 1
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 60
x-permitted-cross-domain-policies: none
x-player-privacy-mode: 1
x-request-id: c9e17250-1501-42cf-b76b-1850a65f330c
x-runtime: 0.057616
x-served-by: cache-iad-kcgs7200049-IAD, cache-fra-eddf8230134-FRA
x-timer: S1689239263.757915,VS0,VE2

GET
H2 200 l
use.typekit.net/af/be28cc/00000000000000007735a54a/30/ 13 KB
14 KB 41ms
12ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/be28cc/00000000000000007735a54a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wnx0fhv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d1fcd33d270a8e9a9a3442b0f1182caea7cd4300a0094a4d4d99a812c0320cf

Request headers

Referer: https://use.typekit.net/wnx0fhv.css
Origin: https://jumpcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
server: nginx
etag: "fe068450069fac8d4a7027a68334d63a0dea2f78"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13768

GET
H2 200 l
use.typekit.net/af/37e7f5/00000000000000007735a548/30/ 17 KB
17 KB 36ms
13ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/37e7f5/00000000000000007735a548/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wnx0fhv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e0839094a0f5d0f20dc868eb8b91942289ec146624fbd3719b6d82f8893d9dd9

Request headers

Referer: https://use.typekit.net/wnx0fhv.css
Origin: https://jumpcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
server: nginx
etag: "3fde2bbf02a4c0772d0cbb68120a5d1012540029"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17300

GET
H2 200 jumpcloud-wordmark-tm-oceanblue.svg
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/logos/ 5 KB
3 KB 16ms
16ms Image
image/svg+xml 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/logos/jumpcloud-wordmark-tm-oceanblue.svg

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afbdff67bd6920203470b7ea7de82cd3508b5c8b3266c1c9f8b9afeab3560105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 2529
x-served-by: cache-chi-klot8100142-CHI, cache-fra-eddf8230115-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.866727,VS0,VE2
etag: W/"64ac675a-1469"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: eb757095-1f6a-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060903c87695e-FRA
x-cache-hits: 2, 1

GET
H2 200 a553480116.html Show response
a553480116.cdn.optimizely.com/client_storage/ Frame B262 2 KB
1 KB 250ms
183ms Document
text/html 23.197.128.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a553480116.cdn.optimizely.com/client_storage/a553480116.html

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.197.128.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-128-15.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

fdeda8ee18a5e9dde2498df6b41b66d4dd4a060efb6d263e664ff406e351eda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 818
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 09:07:43 GMT
etag: "113e10ee0d8221edea5ca68141d6f77c"
last-modified: Wed, 12 Jul 2023 14:38:07 GMT
server: AmazonS3
server-timing: cdn-cache; desc=REVALIDATE edge; dur=66 origin; dur=102 cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="23.197.128.15";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="469233_390277126_562397417_16744_1470_7_0_-";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: /kuLWf0jegC/S5U2gm0u5uCQuWY3VWw+8mMG+Nm6fzsTDR6p+EcnbJvNVRcA+8Kyckc82TCUHMs=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 6FW3365X4C2D9P3P
x-amz-server-side-encryption: AES256
x-amz-version-id: XkIjTDWzmnwbV7cPT2zL2cZfV_YpOiie

GET
H2 200 chevron-down.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/ 643 B
848 B 18ms
17ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/chevron-down.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c10bcd4037fa23ad7e3c1f9c5f6a794a3ab0a26a72cc4d8aaf60ef5220920c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 26184
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 643
x-served-by: cache-chi-kigq8000176-CHI, cache-fra-eddf8230109-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689213078.102002,VS0,VE1
etag: "64ac675a-283"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: e86fbfc6-1f64-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060906cb4695e-FRA
x-cache-hits: 3, 1

GET
H2 200 icon-search.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/support/ 525 B
719 B 21ms
21ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/support/icon-search.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fac7e997323edd109bb80a3db3f7663154508f57260fc805e4a26d259e161f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com//wp-content/themes/jumpcloud/assets/styles/styles.ac945b8a75df8a0a52e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 525
x-served-by: cache-chi-klot8100113-CHI, cache-fra-eddf8230110-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.859538,VS0,VE1
etag: "64ac675a-20d"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 5f63522b-1f5f-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060906cb6695e-FRA
x-cache-hits: 1, 1

GET
H2 200 l
use.typekit.net/af/6c50f4/00000000000000007735a544/30/ 18 KB
18 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6c50f4/00000000000000007735a544/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wnx0fhv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229

Request headers

Referer: https://use.typekit.net/wnx0fhv.css
Origin: https://jumpcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
server: nginx
etag: "bd36aa533bb1fdd3f69db9026cbb8450c993a3ee"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18008

GET
H2 200 logo-twitter.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/ 467 B
758 B 25ms
24ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/logo-twitter.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625425a56a434aab101d4af1dd120a0aaf280e9189980fc925535e610f24bd39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34963
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 467
x-served-by: cache-chi-kigq8000111-CHI, cache-fra-eddf8230102-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204299.461707,VS0,VE2
etag: "64ac675a-1d3"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 435566cf-1f60-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060907ccb695e-FRA
x-cache-hits: 1, 1

GET
H2 200 logo-facebook.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/ 321 B
528 B 17ms
17ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/logo-facebook.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24c43d74988730c99312d4a798f630cb900f2fa802869051d9b630628f485060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34963
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-xsfvg
content-length: 321
x-served-by: cache-chi-kigq8000079-CHI, cache-fra-eddf8230057-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204299.463045,VS0,VE1
etag: "64ac675a-141"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 434c6650-1f60-11ee-81a8-0ed86ea0387c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060907ccd695e-FRA
x-cache-hits: 2, 1

GET
H2 200 logo-linkedIn.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/ 409 B
684 B 18ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/logo-linkedIn.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2c657b3e23da3bc48d80d77d5a8a787cacbecfb4a15a7c84a6c000e6792c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 29120
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 409
x-served-by: cache-chi-kigq8000066-CHI, cache-fra-eddf8230070-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689210143.814127,VS0,VE1
etag: "64ac675b-199"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 4376ae09-1f60-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060907ccf695e-FRA
x-cache-hits: 1, 1

GET
H2 200 logo-youtube.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/ 403 B
620 B 19ms
18ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/logo-youtube.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7cb87c111c83b72ea298066171cf4a4fad7da28512fd26bee30585d65d25d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34963
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-b2tpf
content-length: 403
x-served-by: cache-chi-klot8100068-CHI, cache-fra-eddf8230042-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204299.463926,VS0,VE1
etag: "64ac6759-193"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 435835cf-1f60-11ee-8ef4-4ec43451c5bf
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060907cd0695e-FRA
x-cache-hits: 1, 1

GET
H2 200 logo-g2-crowd.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/ 619 B
790 B 19ms
19ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/social-logos/logo-g2-crowd.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02ae652aa5d5f1d5736fe83e10012889498c06c5d40aea59dff5eaf1b42a3bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34963
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 619
x-served-by: cache-chi-klot8100115-CHI, cache-fra-eddf8230067-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204299.464601,VS0,VE2
etag: "64ac675a-26b"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 4356bc2e-1f60-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060907cd1695e-FRA
x-cache-hits: 1, 1

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 2BBA 45 KB
12 KB 9ms
9ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8d1982dbd63e50e0f1103e28f69c22401232bd19b5304502ad31828cde257665

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1895
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12053
x-served-by: cache-iad-kiad7000115-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239263.798056,VS0,VE0
etag: "60893c402e8e27ceaa4eeaa849d6a48a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27, 32

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 2BBA 699 KB
120 KB 10ms
9ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8aae4196ebe99727bac2cd377254e0e26ea24a1e72f565c2e86eaeefb2d057d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1857
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 122799
x-served-by: cache-iad-kiad7000108-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239263.798143,VS0,VE0
etag: "df5d140632002c848edf0eba6a85aab0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43, 79

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
624 B 27ms
26ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4ef68b8dd49032c184dbb9bdcc9790a9d55ceb2ed67a7810d46a19596b97e90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 09:07:42 GMT

GET
H2 200 vendors~globalChunk~partnersChunk~scriptsLazy.1b727824796f7ea46194.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 28 KB
11 KB 22ms
19ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/vendors~globalChunk~partnersChunk~scriptsLazy.1b727824796f7ea46194.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5cbb81c351c34f7df6ac8c8beccd62757b154b0246880438ca08ad9d264af30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35330
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 11101
x-served-by: cache-chi-kigq8000047-CHI, cache-fra-eddf8230136-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689203933.566938,VS0,VE1
etag: W/"64ac6759-6f1c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ec1610c0-1f6a-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d87695e-FRA
x-cache-hits: 1, 1

GET
H2 200 vendors~globalChunk~partnersChunk.1cdba696e755bd3d86cd.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 45 KB
17 KB 89ms
86ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/vendors~globalChunk~partnersChunk.1cdba696e755bd3d86cd.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ae204217d793615fef27a84fe3baa493accb41e3b35ca6a2917f0384284311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35330
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 16647
x-served-by: cache-chi-kigq8000101-CHI, cache-fra-eddf8230099-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203933.566324,VS0,VE3
etag: W/"64ac675a-b5e2"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f7262cc3-1f72-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d8a695e-FRA
x-cache-hits: 1, 1

GET
H2 200 vendors~globalChunk.78bfbcdbb39f41ca08ca.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 114 KB
51 KB 23ms
21ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/vendors~globalChunk.78bfbcdbb39f41ca08ca.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b65aefb46929195d149cc863369ee0a91c480132d1bae9df3151c6622f28594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35330
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 51675
x-served-by: cache-chi-kigq8000121-CHI, cache-fra-eddf8230062-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203933.571792,VS0,VE2
etag: W/"64ac675a-1c7b1"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f725d2ab-1f72-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d8b695e-FRA
x-cache-hits: 2, 1

GET
H2 200 globalChunk~partnersChunk.2cb872691c7082050ada.css
jumpcloud.com/wp-content/themes/jumpcloud/assets/styles/ 6 KB
2 KB 22ms
19ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/styles/globalChunk~partnersChunk.2cb872691c7082050ada.css

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9fda7d39900ce35e6245694bec4f12ca97e9f97e3ee0c5c09fef38609faf6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 34995
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 1893
x-served-by: cache-chi-kigq8000116-CHI, cache-fra-eddf8230056-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689204268.952103,VS0,VE1
etag: W/"64ac675a-17b2"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f7266ac3-1f72-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d90695e-FRA
x-cache-hits: 1, 1

GET
H2 200 globalChunk~partnersChunk.0c2cd479460b19c79800.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 64 KB
19 KB 51ms
48ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/globalChunk~partnersChunk.0c2cd479460b19c79800.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39a36209407fe9934c61b9c2da663b4a97ba418531e5b10bb0aaee1b59d06ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35330
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-n5wh9
content-length: 19132
x-served-by: cache-chi-kigq8000133-CHI, cache-fra-eddf8230119-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689203933.566621,VS0,VE1
etag: W/"64ac6759-101a2"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f726261b-1f72-11ee-a59c-2ac443a33091
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d92695e-FRA
x-cache-hits: 1, 1

GET
H2 200 globalChunk.af48ede14c0253928526.css
jumpcloud.com/wp-content/themes/jumpcloud/assets/styles/ 69 KB
15 KB 85ms
83ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/styles/globalChunk.af48ede14c0253928526.css

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc43b0353bc781351884f7b2fb8615f41ee148e169ea7fc62f63544f5d358a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35330
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-2wzr9
content-length: 15420
x-served-by: cache-chi-kigq8000143-CHI, cache-fra-eddf8230042-FRA
last-modified: Mon, 10 Jul 2023 20:17:31 GMT
server: cloudflare
x-timer: S1689203933.565267,VS0,VE1
etag: W/"64ac675b-113e5"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f7268d45-1f72-11ee-bee9-3e64610c1cba
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d91695e-FRA
x-cache-hits: 1, 1

GET
H2 200 globalChunk.c8445eddb518b003781d.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 363 KB
87 KB 88ms
87ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/globalChunk.c8445eddb518b003781d.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16131d3c9ce3128244c2b5e8cd2548c840bd0d985c0b117ba30c1108cc33126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:42 GMT
date: Thu, 13 Jul 2023 09:07:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35330
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-b2tpf
content-length: 88697
x-served-by: cache-chi-klot8100159-CHI, cache-fra-eddf8230042-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203933.565187,VS0,VE3
etag: W/"64ac675a-5aa8c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 92767c47-1f60-11ee-8ef4-4ec43451c5bf
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e6060911d94695e-FRA
x-cache-hits: 2, 1

GET
H2 200 swatch
fast.wistia.net/embed/medias/1gyatbjnbt/ Frame 2BBA 3 KB
3 KB 86ms
9ms Image
image/jpeg 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/1gyatbjnbt/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0d52b52e8dc9dddd76fda7f5475ca18faa98e162f1eb122e324a19d1959070fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:42 GMT
access-control-request-method: *
via: 1.1 13f20f497c3eb55c7da0e314b603aaba.cloudfront.net (CloudFront), 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 623840
edge-cache-tag: 4a34f390f50f5280401e60c3513e876a
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 23
content-disposition: inline
content-length: 2807
x-served-by: cache-iad-kcgs7200130-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Mon, 21 Nov 2022 19:09:17 UTC
server: envoy
x-timer: S1689239263.996758,VS0,VE1
etag: v90lW0q50Y0m4iFk5fUB7uI49sQ=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JE2FhgHjSPXarMXxhJaW95o_6SOPSACd9ZaGslUP9G1PSZKRAD7iAA==
x-cache-hits: 2490, 1

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 134ms
16ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:56:55 GMT
content-encoding: gzip
age: 648
x-guploader-uploadid: ADPycdt-9bC2jawnXEiF4Pby8EJPu9-M0qKWadcxhYwPrDp5IsKAd63BtmodePyTIk0AXSFG2a6KsBBwKEIt1Mcuzt4Vr1dlWAkC
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 13 Jul 2023 09:56:55 GMT

GET v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 431 KB
174 KB 124ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Origin: https://jumpcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 18:49:30 GMT

GET
H2 200 analytics.min.js Show response
segmentcdn.jumpcloud.com/analytics.js/v1/qHLvOWOrnPUDWP2muo7vKUa8Y18dvpgQ/ 105 KB
30 KB 163ms
45ms Script
text/javascript 2600:9000:20c3:c200:14:6ddd:bc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segmentcdn.jumpcloud.com/analytics.js/v1/qHLvOWOrnPUDWP2muo7vKUa8Y18dvpgQ/analytics.min.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:14:6ddd:bc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 452135191efa0f90d520a936b4e9604894cb5b99a62ec277ce007949ee2fe100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: fCjoqe7iGJ9fkTjkNRiwqKpBC_dM5spN
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront), 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
date: Thu, 13 Jul 2023 09:06:00 GMT
x-amz-cf-pop: FRA6-C1, MUC50-C1
age: 104
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Jun 2023 11:46:32 GMT
server: AmazonS3
etag: W/"00fb07e7147cb772c255cbd3ae345233"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: NXnnmWxROU_laMGsnLajU-5dx_BvueL5Hd-TrS9YcdWtJ-70GeAd-w==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8/a48780fc-e21a-48bb-854c-8e2bbd2017a1/ 121 KB
23 KB 79ms
45ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2f8f41b6-56b2-430a-8d2e-a63f62fc69d8/a48780fc-e21a-48bb-854c-8e2bbd2017a1/en.json

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed99bef6fdf75209e9a2f1911f14c64fe8a10e1508ded9d44037b3050bd612f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 63310
content-md5: vH/kATEt4VeKPslcCqE1Pg==
content-length: 23537
x-ms-lease-status: unlocked
last-modified: Thu, 08 Sep 2022 16:43:58 GMT
server: cloudflare
etag: 0x8DA91B953848015
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 58a85a7c-501e-012c-70e1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e606091c983bb79-FRA
expires: Fri, 14 Jul 2023 09:07:43 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 2BBA 79 KB
21 KB 9ms
9ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

222af1497b4cd652d595ca7873e7bd0bd70ab3c49d99e02e4b35c7fb4e72e9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1856
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 20975
x-served-by: cache-iad-kiad7000173-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239263.164134,VS0,VE0
etag: "10fa61aeed60028314969e32cffc9951"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31, 40

GET
H2 200 swatch
fast.wistia.net/embed/medias/1gyatbjnbt/ Frame 2BBA 3 KB
3 KB 9ms
8ms Image
image/jpeg 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/1gyatbjnbt/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0d52b52e8dc9dddd76fda7f5475ca18faa98e162f1eb122e324a19d1959070fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:43 GMT
access-control-request-method: *
via: 1.1 13f20f497c3eb55c7da0e314b603aaba.cloudfront.net (CloudFront), 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 623840
edge-cache-tag: 4a34f390f50f5280401e60c3513e876a
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 23
content-disposition: inline
content-length: 2807
x-served-by: cache-iad-kcgs7200130-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Mon, 21 Nov 2022 19:09:17 UTC
server: envoy
x-timer: S1689239263.220453,VS0,VE0
etag: v90lW0q50Y0m4iFk5fUB7uI49sQ=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JE2FhgHjSPXarMXxhJaW95o_6SOPSACd9ZaGslUP9G1PSZKRAD7iAA==
x-cache-hits: 2490, 2

GET
H2 200 4a34f390f50f5280401e60c3513e876a.webp
embed-ssl.wistia.com/deliveries/ Frame 2BBA 15 KB
16 KB 141ms
12ms Image
image/webp 2600:9000:2104:a600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/4a34f390f50f5280401e60c3513e876a.webp?image_crop_resized=640x360
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:a600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 552a0e9f4863f7512b535409555e2a03a1ea99457c6023563bcaa01d713db63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:50:25 GMT
access-control-request-method: *
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: AMS1-C1
age: 2265438
edge-cache-tag: 4a34f390f50f5280401e60c3513e876a
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 189
content-disposition: inline
surrogate-key: 4a34f390f50f5280401e60c3513e876a thumbnail-delivery
last-modified: Mon, 21 Nov 2022 19:09:17 UTC
server: envoy
etag: EPFxYaJByIku_zCCq_c_BX-6Qvk=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: Fdl_im12uVFMM82qoNYnewpNMFV6LdPVYUpbvLK_XSkLnYv7vO9Rzw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.33.0/assets/ 13 KB
3 KB 46ms
17ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otFlat.json

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sKd74iX+eTxIn9FxDVtzyw==
age: 50752
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2959
x-ms-lease-status: unlocked
last-modified: Wed, 13 Apr 2022 01:38:17 GMT
server: cloudflare
etag: 0x8DA1CEE4903C133
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cd94ea95-b01e-004f-2de1-5a1cfe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e6060939d32bb79-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/ 47 KB
12 KB 45ms
16ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcTab.json

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6736760a1c0c624190fee65234d5013a261ded35d345e6f278a3739719fac230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h/rpieqq8V1m1+jdGLnyuQ==
age: 13907
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11931
x-ms-lease-status: unlocked
last-modified: Wed, 13 Apr 2022 01:38:20 GMT
server: cloudflare
etag: 0x8DA1CEE4A952537
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 55d0cd0b-101e-00ca-02e1-5a4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e6060939d34bb79-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.33.0/assets/ 21 KB
4 KB 46ms
17ms Fetch
text/css 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
age: 3155
x-ms-lease-status: unlocked
last-modified: Wed, 13 Apr 2022 01:38:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: bc717cf1-201e-0027-61e1-5a42af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6060939d36bb79-FRA

GET
H2 200 iframeApi.js Show response
fast.wistia.com/assets/external/ 87 KB
23 KB 60ms
26ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/iframeApi.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd0220b5553ec4f395d192ac1929b5a8d85883cbcf42807e392a2ba699d78d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Origin: https://jumpcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2009
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 22564
x-served-by: cache-iad-kjyo7100165-IAD, cache-fra-eddf8230050-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239263.309600,VS0,VE0
etag: "7a0d296109287c1b647f32eb89d36a7b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26, 6

GET
H2 200 siteSearchChunk.bb20c319444fd842d71d.css
jumpcloud.com/wp-content/themes/jumpcloud/assets/styles/ 6 KB
2 KB 22ms
17ms Stylesheet
text/css 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/styles/siteSearchChunk.bb20c319444fd842d71d.css

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af04a3bede1c8db6c5315ef7f2163e41154596d48763a59da86d3a437a2c582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:43 GMT
date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35286
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-b2tpf
content-length: 1582
x-served-by: cache-chi-klot8100029-CHI, cache-fra-eddf8230139-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203978.663144,VS0,VE1
etag: W/"64ac675a-1694"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 5fc25b86-1f5f-11ee-8ef4-4ec43451c5bf
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606093f89f695e-FRA
x-cache-hits: 1, 1

GET
H2 200 siteSearchChunk.e5752b80ca45d540a735.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 40 KB
11 KB 23ms
19ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/siteSearchChunk.e5752b80ca45d540a735.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed645ac86cf1868576616bd8b191cab1d41e695a6982265010aa0da0ba64c2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:43 GMT
date: Thu, 13 Jul 2023 09:07:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35286
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-5t28v
content-length: 11083
x-served-by: cache-chi-klot8100083-CHI, cache-fra-eddf8230050-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203978.668884,VS0,VE2
etag: W/"64ac675a-a16d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5fbe6d0a-1f5f-11ee-8fd5-02d7c06a63d7
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e606093f8a1695e-FRA
x-cache-hits: 1, 1

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 174ms
172ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 13 Jul 2023 09:07:44 GMT
server: Google Frontend
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 42870275818335c67b128ad802ad524d
function-execution-id: 7y8roc6zpdgt
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CF0E 50 KB
27 KB 63ms
36ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbi70ZAAAAADiFVIi4n1etOyUxaCP2cLxtEd4Q&co=aHR0cHM6Ly9qdW1wY2xvdWQuY29tOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ax1u22mpboku

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c367992ade48a625434cbe8d710a9493f5d60f02770aa49714df02ae0802f58

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0UXw-hTFESj5U-oxZUFW3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27965
content-security-policy: script-src 'report-sample' 'nonce-0UXw-hTFESj5U-oxZUFW3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:07:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 1247ms
121ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 09:07:44 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: ek6xa0iirivf
server: Google Frontend
x-cloud-trace-context: df77af71ef34c8b7a5308ef68183501c
x-powered-by: Express

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 1087ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Jul 2023 09:07:44 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03CD23DCB6BB4301B40394E050231D24 Ref B: FRAEDGE2008 Ref C: 2023-07-13T09:07:44Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
67 KB 1095ms
40ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-623439251

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5f84eed917971eacc579590c0bdcf72ee3a94d5e546b7ea7afad59268450a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 09:07:44 GMT

GET
H2 200 tc_imp.gif
june.takingbackjuly.com/tracker/ 43 B
103 B 105ms
105ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://june.takingbackjuly.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362e7c536e3458c9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f128f6a2f17071a10acf9f29f674fd0d68f062a6b1cf77a7156843cd86495513700279601020c660709ceef3d4777be26bb25cb43e2916af05265ac5e24721bd853e946f4c6d7df3abb2807ff7ccaa8556d8e0e3143714493d60264f160b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4908677a0d8d959ee489d513672aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7df990156cbadaae21da50ab45b08411c246cac72e953832979d75d8659980edf49df3f1477fe425b4bafd2b4d26f9913f82be50eb0102419457459a8a94c7d3fd8b3ddf2c9c9fb88735ff6b692689683dd99c86403c9fb821fb50a898409766ef33024d538c6eec439cd7a97ca98a348744b6de8795278f191c2ddb79541d3e493e9fff2df452d78cdf72ebde75fa942bca92eeee3dd7f0a711267f82a90604dabd0e4954e6fee374b828c4bb1ab6b77ff625ff6f8759c64ac5b42e904b54b8f7c7387b46341120194105b6f3da3ea15eee10100750aca645cd850a10ecfa83a8b607c1f1f9fa87feb3f2494920f8448faa446d8b427906d464546d71f07bae6a04c4ebc57f9763d12197b62fcbb811847d0f234d1e6e47d999b0c93669548419439ddadbb8b9c8550480d6ec00e7bd3b1d8f806c380f87efaf5733ab35c61ac64ef1358913c5c915f0b330e1928ad4995964ea874f60e302f2cbf3ab54df396a5617887a0715e8f74d85fe15d4989dc05dcf848e31083659d635e879cd3fc98101f35a242743467f6dfd48ccc16547b304adbbe7779d965f86746fbd452d68ce948e590baa28aad0728f50685f14ae312d9ebd833d89453499861abdcd9da2d150d05c493055af353758c2d55000a62eb8bd927c9dd9ed124f23e139621a0e91520cba85fc4152e922038fc8d41a908aeddd5374eb6cf85227&cri=ZHfL6aJIMn&ts=2673&cb=1689239264489
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 13 Jul 2023 09:07:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 settings Show response
segmentcdn.jumpcloud.com/v1/projects/qHLvOWOrnPUDWP2muo7vKUa8Y18dvpgQ/ 876 B
1 KB 50ms
16ms Fetch
application/json 2600:9000:20c3:c200:14:6ddd:bc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segmentcdn.jumpcloud.com/v1/projects/qHLvOWOrnPUDWP2muo7vKUa8Y18dvpgQ/settings
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:14:6ddd:bc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 974ca3d98f2a11dcf310bf8f61c3cb7d543922a8f7ceec12d846058db07265f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:47:43 GMT
x-amz-version-id: seLCbxIhoqfXVK9TPrk853gWZCbXWwSX
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1, MUC50-C1
age: 1202
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 876
last-modified: Tue, 10 May 2022 02:21:01 GMT
server: AmazonS3
etag: "c48e6e1f3a2fc0dd31ec396a3c99403f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
x-amz-cf-id: wlN7vMtOqKu3fG8HLVtDmwT28c7z7FhPfy0UY_lppPHEQHnyZEJJFQ==

POST
H2 200 mon Show response
june.takingbackjuly.com/ 0
123 B 107ms
106ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://june.takingbackjuly.com/mon
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
BLOB 200
OK d98a57a7-54a5-4d87-bf7a-690f55baccde
https://jumpcloud.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jumpcloud.com/d98a57a7-54a5-4d87-bf7a-690f55baccde
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef5595b0cacbe64fd092ed3a7804051f90490b013ddc888d5572cc60ae431172

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 261
Content-Type

POST
H2 200 mon Show response
june.takingbackjuly.com/ 0
16 B 107ms
106ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://june.takingbackjuly.com/mon
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame CF0E 55 KB
24 KB 50ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbi70ZAAAAADiFVIi4n1etOyUxaCP2cLxtEd4Q&co=aHR0cHM6Ly9qdW1wY2xvdWQuY29tOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ax1u22mpboku

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 18:05:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame CF0E 431 KB
173 KB 57ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 18:49:30 GMT

GET
H2 200 arrow-right-ocean-blue.png
jumpcloud.com/wp-content/themes/jumpcloud/assets/images/ 278 B
537 B 23ms
16ms Image
image/png 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/images/arrow-right-ocean-blue.png

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c67b89008a548614d738260df4bba27eb39ecfdc774ed0fc0acdcca7350289ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:44 GMT
date: Thu, 13 Jul 2023 09:07:44 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 34996
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-8j4fz
content-length: 278
x-served-by: cache-chi-kigq8000031-CHI, cache-fra-eddf8230038-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689204269.527216,VS0,VE2
etag: "64ac6759-116"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: ed12669b-1f6a-11ee-8065-0655140b32b2
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60609bfaa1695e-FRA
x-cache-hits: 2, 1

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 18ms
17ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:07:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 10993
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 35f0a309-901e-00b6-7a0b-b5d61e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e60609c3d8335eb-FRA

GET hls_video.js
fast.wistia.net/assets/external/engines/ Frame 2BBA 0
0

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame F1F2 910 B
604 B 37ms
33ms Document
text/html 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-TCQM2R

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50a5c4dd84069b92273db6dc48c60cec63582767f48d9a8e1772ca55718ca8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 419
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:07:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 1gyatbjnbt Show response
fast.wistia.net/embed/iframe/ Frame 24CD 9 KB
3 KB 10ms
8ms Document
text/html 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dff4d2ac67d11d84ddbb83b39b973714a2d0a4737d29b73a03f056e47896a190

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 88304
cache-control: public, no-cache
content-encoding: br
content-length: 2618
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 09:07:44 GMT
etag: W/"dff4d2ac67d11d84ddbb83b39b973714"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 f61b2fd488f2b56ce284c14d3ee66f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: 7Vhem_ZJc6E4HK6FcCye0RySuklxTILo4zP1M-8ys9dutjLUwektzQ==
x-amz-cf-pop: IAD55-P2
x-browser: chrome
x-browser-version: 114
x-cache: Miss from cloudfront, MISS, HIT
x-cache-hits: 0, 2
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 60
x-permitted-cross-domain-policies: none
x-player-privacy-mode: 1
x-request-id: c9e17250-1501-42cf-b76b-1850a65f330c
x-runtime: 0.057616
x-served-by: cache-iad-kcgs7200049-IAD, cache-fra-eddf8230134-FRA
x-timer: S1689239265.889520,VS0,VE0

GET
H2 200 l
use.typekit.net/af/da581f/00000000000000007735a540/30/ 17 KB
17 KB 8ms
8ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/da581f/00000000000000007735a540/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wnx0fhv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b6715e33848287dd8600843b5a427554eab899a9de842eaa5dfd2d1fa0823e0f

Request headers

Referer: https://use.typekit.net/wnx0fhv.css
Origin: https://jumpcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:44 GMT
server: nginx
etag: "ff6115176ef40b2007d17b316eaeef44a30d492d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17028

GET
H2 200 vendors~scriptsLazy.8ac6c30bc698ca5ef227.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 30 KB
10 KB 17ms
16ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/vendors~scriptsLazy.8ac6c30bc698ca5ef227.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd4f758f42a18107915c32db8a55ef7e9aff086abd8f296b87aaca07eabe0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:44 GMT
date: Thu, 13 Jul 2023 09:07:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35332
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6bb44578-8dsl4
content-length: 10358
x-served-by: cache-chi-kigq8000174-CHI, cache-fra-eddf8230103-FRA
last-modified: Mon, 10 Jul 2023 20:17:29 GMT
server: cloudflare
x-timer: S1689203933.887336,VS0,VE0
etag: W/"64ac6759-78c0"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: eccd23b5-1f6a-11ee-9e66-5e0a805aac42
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60609dac54695e-FRA
x-cache-hits: 2, 11

GET
H2 200 scriptsLazy.f3adf073f70041324479.js Show response
jumpcloud.com/wp-content/themes/jumpcloud/assets/js/ 47 KB
12 KB 16ms
16ms Script
application/x-javascript 2606:4700:4400::6812:2579
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jumpcloud.com/wp-content/themes/jumpcloud/assets/js/scriptsLazy.f3adf073f70041324479.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2579 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77aa5fc2b59e0b4b8c1b408f48f6daa0c8df988c39ef70fef03f00d4e40ebf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 13 Jul 2024 09:07:44 GMT
date: Thu, 13 Jul 2023 09:07:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
cf-cache-status: HIT
age: 35332
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-8854d7986-7sp7p
content-length: 11705
x-served-by: cache-chi-klot8100144-CHI, cache-fra-eddf8230047-FRA
last-modified: Mon, 10 Jul 2023 20:17:30 GMT
server: cloudflare
x-timer: S1689203933.888472,VS0,VE2
etag: W/"64ac675a-bc47"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: f7af96fb-1f72-11ee-b026-7a9cdb1b0df9
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7e60609dac55695e-FRA
x-cache-hits: 1, 1

GET
H2 204 148001358.js Show response
bat.bing.com/p/action/ 0
117 B 102ms
102ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148001358.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 13 Jul 2023 09:07:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ADF5CFC718AA4CDD8BF211913EAE2A75 Ref B: FRAEDGE2008 Ref C: 2023-07-13T09:07:44Z
x-cache: CONFIG_NOCACHE

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
segmentcdn.jumpcloud.com/analytics-next/bundles/ 9 KB
4 KB 41ms
41ms Script
application/javascript 2600:9000:20c3:c200:14:6ddd:bc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segmentcdn.jumpcloud.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:14:6ddd:bc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 18:31:02 GMT
x-amz-version-id: lb2hk.9GgU6UF84XsxwtKbHflnxwmj0R
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront), 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1, MUC50-C1
age: 3076603
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Jun 2023 16:06:26 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 45IhnM_L6e9SPkj28i2qNopLmOZdNNXifD1MWTlsMb1-m9DZPyO_xg==

GET
H2

200

/
www.google.de/pagead/1p-conversion/966047248/ Frame F1F2
Redirect Chain

https://www.googleadservices.com/pagead/conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_prese...
https://www.google.com/pagead/1p-conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=56787...
https://www.google.de/pagead/1p-conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=567871...

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=567871998&sscte=1&crd=&pscrd=IhMI6IbX0qqLgAMV_8G7CB3zhQ1B&is_vtc=1&ocp_id=4b6vZKiSBP-D7_UP84u2iAQ&cid=CAQSKQBpAlJWvTtJbx97DTSTfKwMmCTgfg7d-kt0oRUQOS744Sgo7Pukl6ge&random=1626922138&ipr=y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-TCQM2R

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/966047248/?url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=567871998&sscte=1&crd=&pscrd=IhMI6IbX0qqLgAMV_8G7CB3zhQ1B&is_vtc=1&ocp_id=4b6vZKiSBP-D7_UP84u2iAQ&cid=CAQSKQBpAlJWvTtJbx97DTSTfKwMmCTgfg7d-kt0oRUQOS744Sgo7Pukl6ge&random=1626922138&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
dc.ads.linkedin.com/collect/ Frame F1F2 0
0

GET 0
bat.bing.com/action/ Frame F1F2 0
0

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 24CD 45 KB
12 KB 8ms
7ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8d1982dbd63e50e0f1103e28f69c22401232bd19b5304502ad31828cde257665

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:44 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1897
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12053
x-served-by: cache-iad-kiad7000115-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239265.994327,VS0,VE0
etag: "60893c402e8e27ceaa4eeaa849d6a48a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27, 33

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 24CD 699 KB
120 KB 14ms
14ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8aae4196ebe99727bac2cd377254e0e26ea24a1e72f565c2e86eaeefb2d057d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:44 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1859
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 122799
x-served-by: cache-iad-kiad7000108-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239265.994573,VS0,VE1
etag: "df5d140632002c848edf0eba6a85aab0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43, 80

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/623439251/ 3 KB
2 KB 97ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/623439251/?random=1689239265025&cv=11&fst=1689239265025&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0536b4265598bc1b7087bf42c31dd1eeb23272375f74c6dc583c0bca67a4b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/623439251/ 3 KB
2 KB 32ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/623439251/?random=1689239265049&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&label=B4GKCM-B7ZsDEJPbo6kC&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&gtm_ee=1&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2ad14efe3277f957408e1e8c619944fb2a68fba5f5ecba3ec14d4505868d63ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1625
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

activityi;dc_pre=CKjl3tKqi4ADFYyasgodDOQDDg;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs
11226752.fls.doubleclick.net/ Frame D8D1
Redirect Chain

https://11226752.fls.doubleclick.net/activityi;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs?
https://11226752.fls.doubleclick.net/activityi;dc_pre=CKjl3tKqi4ADFYyasgodDOQDDg;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs?

0
0

GET
H2 200 swatch
fast.wistia.net/embed/medias/1gyatbjnbt/ Frame 24CD 3 KB
3 KB 11ms
11ms Image
image/jpeg 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/1gyatbjnbt/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0d52b52e8dc9dddd76fda7f5475ca18faa98e162f1eb122e324a19d1959070fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
access-control-request-method: *
via: 1.1 13f20f497c3eb55c7da0e314b603aaba.cloudfront.net (CloudFront), 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 623842
edge-cache-tag: 4a34f390f50f5280401e60c3513e876a
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 23
content-disposition: inline
content-length: 2807
x-served-by: cache-iad-kcgs7200130-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Mon, 21 Nov 2022 19:09:17 UTC
server: envoy
x-timer: S1689239265.093704,VS0,VE0
etag: v90lW0q50Y0m4iFk5fUB7uI49sQ=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JE2FhgHjSPXarMXxhJaW95o_6SOPSACd9ZaGslUP9G1PSZKRAD7iAA==
x-cache-hits: 2490, 3

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CF0E 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 117248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 19 Jul 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF0E 15 KB
16 KB 63ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 461567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:54:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF0E 15 KB
15 KB 64ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 132248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 20:23:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CF0E 102 B
134 B 31ms
29ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbi70ZAAAAADiFVIi4n1etOyUxaCP2cLxtEd4Q&co=aHR0cHM6Ly9qdW1wY2xvdWQuY29tOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ax1u22mpboku
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 13 Jul 2023 09:07:45 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
segmentcdn.jumpcloud.com/analytics-next/bundles/ 2 KB
1 KB 55ms
55ms Script
application/javascript 2600:9000:20c3:c200:14:6ddd:bc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segmentcdn.jumpcloud.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:14:6ddd:bc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:12:09 GMT
x-amz-version-id: e_8NsG12mHXXBNKWqyao9lGej1KLP0y2
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront), 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1, MUC50-C1
age: 640537
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 20:53:10 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: YLTtdKXpHahqgalpikRWc3sGSMg2h7vHwKETV87CSL3fcCA8DMA3Kg==

GET
H2

200

/
www.google.de/pagead/1p-conversion/623439251/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjump...
https://www.google.com/pagead/1p-conversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2...
https://www.google.de/pagead/1p-conversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2F...

42 B
109 B

31ms
29ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&label=B4GKCM-B7ZsDEJPbo6kC&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&gtm_ee=1&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1HLXBRWVFsZmVlMk5HR25hMFpFaVlBYzlFbFdja1VPSnhMdDltSFUwLWRaU2pvR0t3OWs0VmpDamhNMHF6YzJKTDFyVGRPOUEaWENoQUk4TUctcFFZUXE0eUFoYWIta1lSR0VpNEFJQ19sdVhpRFFmVVJkbFZEbVRwMWxFbkFKd3YxSDNrRURaYTFWMHc4c1dLV214SVpodldlS3p3aWgyR04iEwjoidfSqouAAxWJwbsIHeX9BhE&is_vtc=1&ocp_id=4b6vZKiVBImD7_UP5fubiAE&cid=CAQSKQBpAlJWzz2T9rxAcBglZ_cBqq8Sow_5Mhl8MZctXyIJtCmtCHtbmw-b&random=1517994805&ipr=y

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/623439251/?random=1036482858&cv=11&fst=1689239265049&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&label=B4GKCM-B7ZsDEJPbo6kC&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&did=dYWJhMj&gdid=dYWJhMj&gtm_ee=1&auid=1971881386.1689239265&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE1HLXBRWVFsZmVlMk5HR25hMFpFaVlBYzlFbFdja1VPSnhMdDltSFUwLWRaU2pvR0t3OWs0VmpDamhNMHF6YzJKTDFyVGRPOUEaWENoQUk4TUctcFFZUXE0eUFoYWIta1lSR0VpNEFJQ19sdVhpRFFmVVJkbFZEbVRwMWxFbkFKd3YxSDNrRURaYTFWMHc4c1dLV214SVpodldlS3p3aWgyR04iEwjoidfSqouAAxWJwbsIHeX9BhE&is_vtc=1&ocp_id=4b6vZKiVBImD7_UP5fubiAE&cid=CAQSKQBpAlJWzz2T9rxAcBglZ_cBqq8Sow_5Mhl8MZctXyIJtCmtCHtbmw-b&random=1517994805&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/623439251/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/623439251/?random=1689239265025&cv=11&fst=1689238800000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=463403788&rmt_tld=0&ipr=y

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/623439251/ 42 B
456 B 66ms
26ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/623439251/?random=1689239265025&cv=11&fst=1689238800000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=463403788&rmt_tld=1&ipr=y

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimizely.dynamic.js.gz Show response
segmentcdn.jumpcloud.com/next-integrations/integrations/optimizely/3.5.1/ 7 KB
3 KB 32ms
31ms Script
application/javascript 2600:9000:20c3:c200:14:6ddd:bc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segmentcdn.jumpcloud.com/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:14:6ddd:bc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 22 May 2023 00:16:09 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront), 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
x-amz-version-id: vVuHlFyU8YVx7Gy8.grgnbMKiwioKtki
x-amz-cf-pop: FRA6-C1, MUC50-C1
age: 4524697
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2586
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "6ac19b71da72b08483644c17ed6a4986"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: lBd5W6cUHA36n9RfxaG0X72fSiBtnIBD2U2svrBQxI__RmXqD5YsFg==

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 24CD 79 KB
21 KB 8ms
8ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

222af1497b4cd652d595ca7873e7bd0bd70ab3c49d99e02e4b35c7fb4e72e9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1859
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 20975
x-served-by: cache-iad-kiad7000173-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239265.453429,VS0,VE0
etag: "10fa61aeed60028314969e32cffc9951"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31, 41

GET
H2 200 swatch
fast.wistia.net/embed/medias/1gyatbjnbt/ Frame 24CD 3 KB
3 KB 8ms
8ms Image
image/jpeg 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/1gyatbjnbt/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0d52b52e8dc9dddd76fda7f5475ca18faa98e162f1eb122e324a19d1959070fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
access-control-request-method: *
via: 1.1 13f20f497c3eb55c7da0e314b603aaba.cloudfront.net (CloudFront), 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 623842
edge-cache-tag: 4a34f390f50f5280401e60c3513e876a
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 23
content-disposition: inline
content-length: 2807
x-served-by: cache-iad-kcgs7200130-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Mon, 21 Nov 2022 19:09:17 UTC
server: envoy
x-timer: S1689239265.481625,VS0,VE0
etag: v90lW0q50Y0m4iFk5fUB7uI49sQ=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JE2FhgHjSPXarMXxhJaW95o_6SOPSACd9ZaGslUP9G1PSZKRAD7iAA==
x-cache-hits: 2490, 4

GET
H2 200 4a34f390f50f5280401e60c3513e876a.webp
embed-ssl.wistia.com/deliveries/ Frame 24CD 15 KB
16 KB 15ms
15ms Image
image/webp 2600:9000:2104:a600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/4a34f390f50f5280401e60c3513e876a.webp?image_crop_resized=640x360
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:a600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 552a0e9f4863f7512b535409555e2a03a1ea99457c6023563bcaa01d713db63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:50:25 GMT
access-control-request-method: *
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: AMS1-C1
age: 2265440
edge-cache-tag: 4a34f390f50f5280401e60c3513e876a
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 189
content-disposition: inline
surrogate-key: 4a34f390f50f5280401e60c3513e876a thumbnail-delivery
last-modified: Mon, 21 Nov 2022 19:09:17 UTC
server: envoy
etag: EPFxYaJByIku_zCCq_c_BX-6Qvk=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: mJZswJ2uIVJJtPdeZnj3E_iGzOlmQEtbRFHCSyfNmagYhZIAmD82Iw==

POST
H2 200 mon Show response
june.takingbackjuly.com/ 0
40 B 108ms
108ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://june.takingbackjuly.com/mon
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:45 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
segmentcdn.jumpcloud.com/next-integrations/integrations/vendor/ 73 KB
22 KB 45ms
45ms Script
application/javascript 2600:9000:20c3:c200:14:6ddd:bc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segmentcdn.jumpcloud.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:14:6ddd:bc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 03:34:22 GMT
content-encoding: gzip
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront), 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
x-amz-version-id: 1x6q_MsAdAkmPosImHjKsztmTTUAb2Vd
x-amz-cf-pop: FRA6-C1, MUC50-C1
age: 3130404
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22177
last-modified: Wed, 03 May 2023 11:04:43 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: H_Qi7xvo7lC8SZbwl4fBaFMA_0yugEf2TV06LIUW2mCU0xIKDwxQNQ==

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 24CD 473 KB
115 KB 8ms
7ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24ca67869c96b6679fa50a249041f47ec3e4e87d1a5906197a34a110fd0b4003

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2090
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117502
x-served-by: cache-iad-kiad7000059-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 12 Jul 2023 15:35:43 GMT
server: AmazonS3
x-timer: S1689239266.579745,VS0,VE0
etag: "a8bf3bc8e6b5fc7c750622a76db80727"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2c710d1d8ab67abedb6c472cc46fdf22011e3b4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 35

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 41ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGF3EKJ20GJ2M0B
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1418
x-amz-id-2: 7Bnp/acDFEVPOk4KkO8G7KCaEAPmVl9BEz+T2W3GECp7L6ot5oleCbOlovAlxmFTFBTt4vF0h30=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.672907,VS0,VE0
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2545

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
5 KB 43ms
12ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG37M53ZHPNPYPQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5273
x-amz-id-2: gv55Gg66aMmrHkB8Fge6lNpTz6cyGgp4g3hGLfVUoXX8Ywtm0u+nP7Cq83BuwsuHuDSgB7+4MC4=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.673484,VS0,VE0
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3961

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
887 B 41ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: F0T0KRXCF42HDR2X
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 677
x-amz-id-2: chmyyZ+gRR6zkYZ+3vMJ32qO1vXfDlOxAuZMMzIY+AS2GnAwDXG8hGK8xI4QRjD1cmRKC3VRKOI=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.673133,VS0,VE0
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2451

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
173 B 524ms
169ms Fetch
application/json 44.238.187.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.187.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-187-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:46 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 519ms
169ms Fetch
application/json 44.238.187.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.187.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-187-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:46 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 405ms
90ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 418ms
97ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 418ms
95ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 438ms
115ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 438ms
113ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 445ms
109ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 490ms
89ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 509ms
95ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 509ms
95ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 540ms
94ms Preflight
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jumpcloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Thu, 13 Jul 2023 09:07:46 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 141ms
95ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 134ms
102ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 167ms
90ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 162ms
95ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 162ms
96ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 189ms
94ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 149ms
97ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 138ms
99ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 161ms
91ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
239 B 161ms
94ms XHR
text/plain 52.205.156.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.156.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-156-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://jumpcloud.com
Access-Control-Expose-Headers
Date: Thu, 13 Jul 2023 09:07:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
174 B 501ms
168ms Fetch
application/json 44.238.187.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.187.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-187-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:46 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 1gyatbjnbt.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 24CD 940 B
1 KB 12ms
12ms XHR
application/x-mpegurl 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/1gyatbjnbt.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f01088e96f5eeaea98be600c0afb1e8eb5636060302b39c0db7b93c9a7a3a9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
x-player-privacy-mode: 1
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 47
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time: 37
content-length: 940
x-request-id: 7b1701a5-4550-4822-9dcf-f7fab6d69185
x-served-by: cache-iad-kiad7000108-IAD, cache-fra-eddf8230050-FRA
x-runtime: 0.035841
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 114
server: envoy
x-timer: S1689239266.725050,VS0,VE2
etag: W/"f01088e96f5eeaea98be600c0afb1e8e"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 60496, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 24CD 1 KB
1 KB 11ms
11ms Image
image/gif 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/1gyatbjnbt?videoFoam=true
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:45 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1927
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000175-IAD, cache-fra-eddf8230134-FRA
x-browser-version: 114
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1689239266.727512,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 338417, 40

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
884 B 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGDKDYAMFQT6R5V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 435
x-amz-id-2: xrQ60wqPVy7njbGQJaMAoxW1ZbXN7jToII+PgtVwmYfznO3vHvTB0zXoVanUjEaGc5Y6C1AIk5c=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.746455,VS0,VE0
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3943

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 16ms
13ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGCSGC0W9EB60VT
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3249
x-amz-id-2: RnX/69X59j0YEmOJZIej61dk2R6E0i47JxJl2JtlBTegNG/hLBJslK0O+SoecA24IzWGVFxnPg0=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.767003,VS0,VE0
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1569

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 17ms
14ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG0G20JAAY1G1GR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4102
x-amz-id-2: ZmI1+PZGzHgg/9HTiUZurwSqPtQNpHBccTB2Chdf6IKRzVHz3wtddTZoDy1FX7PpqNnW+ncvqWc=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.767164,VS0,VE0
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3925

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
5 KB 13ms
12ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG9E846R1QCFG8V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5367
x-amz-id-2: VXMN1ilK2pe4fta289xr7NSuAjTDPPdDBLrxuZ6WNJ2P9qLnLApxA5pESOv4R5er+ii418WL2hI=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.766894,VS0,VE0
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3903

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 12ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: T9WATCNZXDW4W0PE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2880
x-amz-id-2: JlOL3h6YW9l3T5Wv3UIKced+6cWRgJjfCT3Vya4XA1nU1Xlf0KKGjRI7kguETxTd+dI2djlaEAs=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.766752,VS0,VE0
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1201

GET
H2 200 jserrors-aggregate.49e41428-1.236.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 9ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: .ACjr0HqA7HhCmbDNUQuLIwun1cgXyhg
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG51DRPRQ4D8D2T
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3611
x-amz-id-2: VSPUm0suNQPCNdHkQdlVuDyPffgdqSUKTbSz299Dxchh17zVRxH2pbDLLnuadK9n2Oo6g91uIKM=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.766701,VS0,VE0
etag: "ea0f213ac446fa34c085f244b9573b9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2812

GET
H2 200 ajax-aggregate.998ef92b-1.236.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 14ms
13ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: xVg3CmVvsRmAix36ZLYuy_uCZQf0TjpD
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG64D9TZC5JVVRS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3002
x-amz-id-2: 8iaKM2uBXyUfYBe97LZj4jJTntnivqnrJgjucJmZIa6VjvaxKYT5RtqzKCASpzJSbykQfRz6NzM=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.766704,VS0,VE0
etag: "07e3c83179c7da2e2f464a72b084aacf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2663

GET
H2 200 session_trace-aggregate.83105561-1.236.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 12ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: JP1nny3GAhH60lOAbY5zpQuuXGmtQF2W
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGBWW3BRDTRTHV6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4470
x-amz-id-2: m+FD/ZjZwJe0fGq3WReWi5kcNaFPSrih/EcBajvxwjorIVLI1OuXe8TZwsTDI0Gfu5PJP/Myg08=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.766728,VS0,VE0
etag: "4ef8d054860549421e884b3d2d74b83e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2794

GET
H2 200 page_action-aggregate.ac76d497-1.236.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 15ms
15ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: d39kPm7I27R6JP_9CC8D6A917GdgqR8V
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: F0TCY040H5SMWFCS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1854
x-amz-id-2: q/xLR4Jethjfq5/cdcJDplL9HG6ZOMjPjVXduiMAC3Z7fMy3Y9ccPTXE0EASRPQC5tBf+bJSA74=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.767114,VS0,VE1
etag: "8862791debd0b259297a0ccf618932eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2039

GET
H2 200 spa-aggregate.e6b09d52-1.236.0.min.js Show response
js-agent.newrelic.com/ 20 KB
8 KB 11ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.e6b09d52-1.236.0.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: k3LNqXtDnYaGJRciEwS012KKWchlproy
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Jul 2023 09:07:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG7JAKTE3JMF4DX
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7366
x-amz-id-2: wIx0l+6iHy47Kej7cdkib0fVlNgOG36mXVxshYolaz0uNrUPxWpfU9zHIxXjMWm3rNVK/oFmOds=
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689239266.771838,VS0,VE0
etag: "27ef55ddf9eded9cf24ce8747e8bbe04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2062

POST
H/1.1 200
OK NRJS-fab3c186308bacb5a8a Show response
bam.nr-data.net/1/ 40 B
403 B 272ms
225ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-fab3c186308bacb5a8a?a=1524381909&v=1.236.0&to=YAZRZ0tRDBICAkRdX1lMclBNWQ0PTBJZWldbBh5ATEASDhEV&rst=4421&ck=0&s=7eacf012050f3db3&ref=https://jumpcloud.com/support/july-2023-iocs&af=err,xhr,stn,ins,spa&ap=356&be=124&fe=4147&dc=1456&at=TEFSEQNLHxw%3D&perf=%7B%22timing%22:%7B%22of%22:1689239261372,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:33,%22c%22:33,%22s%22:39,%22ce%22:55,%22rq%22:55,%22rp%22:124,%22rpe%22:134,%22di%22:1575,%22ds%22:1576,%22de%22:1579,%22dc%22:4266,%22l%22:4267,%22le%22:4271%7D,%22navigation%22:%7B%7D%7D&fp=1392&fcp=1392
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 13 Jul 2023 09:07:46 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://jumpcloud.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230053-FRA

POST
H2 204 x
distillery.wistia.com/ Frame 24CD 0
0 454ms
98ms Fetch 44.196.108.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.108.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-108-64.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 13 Jul 2023 09:07:46 GMT
cache-control: max-age=0, private, must-revalidate

POST
H/1.1 200
OK NRJS-fab3c186308bacb5a8a Show response
bam.nr-data.net/events/1/ 24 B
342 B 228ms
227ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-fab3c186308bacb5a8a?a=1524381909&v=1.236.0&to=YAZRZ0tRDBICAkRdX1lMclBNWQ0PTBJZWldbBh5ATEASDhEV&rst=4843&ck=0&s=7eacf012050f3db3&ref=https://jumpcloud.com/support/july-2023-iocs
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 13 Jul 2023 09:07:46 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://jumpcloud.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230053-FRA

POST
H2 200 mon Show response
june.takingbackjuly.com/ 0
40 B 106ms
105ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://june.takingbackjuly.com/mon
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:46 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
96 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCQM2R

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1535ebf05512f6f3f974c6e88eb002707431932c2b7b01550a874a9280e78417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 09:07:48 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 57ms
9ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Thu, 13 Jul 2023 09:07:48 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966047248/ 3 KB
1 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966047248/?random=1689239268533&cv=11&fst=1689239268533&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&hn=www.googleadservices.com&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&auid=1971881386.1689239265&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70ef6d7c026f5a1bb61156e134dcd0025be0f3dbf101cf967d1a8636482e7628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
702 B 51ms
9ms Script
application/x-javascript 2a02:26f0:3100::1735:28a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:15:12 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=75592
accept-ranges: bytes
content-length: 490

GET
H2 200 hotjar-841705.js Show response
static.hotjar.com/c/ 9 KB
4 KB 123ms
52ms Script
application/javascript 52.222.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-841705.js?sv=7

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-110.ams50.r.cloudfront.net

Software

Resource Hash

1624112361b2c02f845ae236cd8a649a94ce6a6a29da3b389c9af3e23031ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/f2270c40d02c7f5b0178340158c34576
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: JtCrx0kWw76wqz9UewURZoXZSXvbotyQOkpKOmAOWVA2w75vCIPC_w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 08:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1949
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jul 2023 10:35:19 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Jul 2023 09:07:48 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E920268EF862434580F0431583A181B9 Ref B: FRAEDGE2008 Ref C: 2023-07-13T09:07:48Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12195

GET
H3

200

activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https... Show response
11226752.fls.doubleclick.net/ Frame 5176
Redirect Chain

https://11226752.fls.doubleclick.net/activityi;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=ht...
https://11226752.fls.doubleclick.net/activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam...

462 B
291 B

59ms
58ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11226752.fls.doubleclick.net/activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCQM2R

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

325039e33e7a9fbea2fccd240706c8d02676096f7c55daebe84ea164f705ccbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:07:48 GMT
expires: Thu, 13 Jul 2023 09:07:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:07:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11226752.fls.doubleclick.net/activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wgmb0rm8 Show response
widget.intercom.io/widget/ 7 KB
3 KB 36ms
9ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/wgmb0rm8
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13b91916f718b98a5982418868c5a1957febe35307eea9cb6800655ef3d809b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: eQc.YrvE1GOWrVlz6BD5g2biN7E7qF8T
content-encoding: gzip
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
date: Thu, 13 Jul 2023 08:48:42 GMT
x-amz-cf-pop: FRA2-C1
age: 1233
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2678
last-modified: Wed, 12 Jul 2023 14:00:20 GMT
server: AmazonS3
etag: "af8ef3399b55062335421076e64384d1"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: QGvxho6iCbabqWlkEBjc_9zwqWIaObKaEJM1cDhS_YrhfQ52ITLY3Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 48ms
16ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jul 2023 09:07:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: IHrHuYnIQ8R++HFC3w/o5qSZ7Z3zD3Qb+Kogxe6cNX05D2KhorUyqIkOALqaCh7M9fl5GWkLJ6rtBRxstep/nQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 65ms
8ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 66ms
9ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230036-FRA

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 77ms
20ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
x-amz-version-id: VqBO7svKfismDjrOf54BMqOIARlRLNs7
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EFHR3G5GTGQA71CH
age: 6760731
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BK/ROoScV68EuoV+02aoVjqhDqCbCQRyRQBXfzSS4mZCsmdX+tx3ckGhVazbLNyeb4CIhuyj9tNuPBfbUdnPpWM5v2t9D1znTtGlu4SQxBA=
last-modified: Sat, 22 Apr 2023 01:03:41 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:47078e63380c6b0cbbfb6d8508b25ee7
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 7e6060b4dafebb53-FRA
expires: Thu, 13 Jul 2023 13:07:48 GMT

GET
H2 200 trk Show response
a.smtrk.net/ 0
377 B 568ms
473ms Script
application/javascript 99.84.88.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.smtrk.net/trk?t=s&i=6023e2d7c54cbc06a0952256&p=t,i,x&s=dfdb6feefa95306136e8d43cf66b71fb&r=&u=https%3A//jumpcloud.com/support/july-2023-iocs
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-35.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:49 GMT
via: 1.1 847372cac152a2575995d0b13be85a88.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-amzn-trace-id: Root=1-64afbee5-472315a14c963f8c5bf56284;Sampled=0;lineage=a0059c7e:0
x-amzn-requestid: 206a5a00-bb87-4cc0-80d9-bca47f415c80
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: private, no-cache, no-store
x-amz-apigw-id: H_rD1EHUPHcFuuw=
content-length: 0
x-amz-cf-id: 7npN23vLmE3tfDsythc7lWGgSZZC8LQRQG4WUo7Ys1WuLqU69SXFlQ==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 83ms
32ms Script
text/javascript 2606:4700::6812:c9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 57536
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 7e6060b50e2692a8-FRA
expires: Thu, 13 Jul 2023 09:27:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11226752

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a13e9b134a6ac71f209af437ee72049b5eedf141ec3ffc4ab4b7aaa412989fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 62961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 09:07:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W3GZW7C2Z8&l=dataLayer&cx=c

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71cf6f5d55be8b6512db444d1afdceeb50242184b2688bf82169d68025189027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 09:07:48 GMT

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 455ms
106ms Image
image/gif 44.207.218.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=53c0cec7-d826-46ea-8a7c-54147db9e8ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.218.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-218-163.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 frame-modern.9ff95336.js Show response
js.intercomcdn.com/ Frame D29C 485 KB
136 KB 84ms
17ms Script
application/javascript 18.239.94.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.9ff95336.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wgmb0rm8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-97.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9b4eeafb9307bcc4acf6d376b3584c8f737d743283892f69b29075e249a91af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: sVJFcvnY_cUUr1TbT91kUFHNN2P5xleC
content-encoding: gzip
via: 1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
date: Thu, 13 Jul 2023 08:00:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS1-P3
age: 4045
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 138163
last-modified: Wed, 12 Jul 2023 13:58:32 GMT
server: AmazonS3
etag: "2e0cf2359fb0200845dbeaa267f3e698"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: _33emDLXO-qK4mOcVmWIwR_ivmNy2oF9AbX_xnCWqeZJAzVgHhVi2g==

GET
H2 200 vendor-modern.a16075a9.js Show response
js.intercomcdn.com/ Frame D29C 241 KB
75 KB 112ms
45ms Script
application/javascript 18.239.94.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.a16075a9.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wgmb0rm8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-97.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f7420399b133e72b82d97986510702d79945995bbdcdf725570eda135b4e89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: JzaiHTX6npJSwhSvBATYU8keCeeh0mWo
content-encoding: gzip
via: 1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
date: Thu, 13 Jul 2023 08:51:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS1-P3
age: 973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 75744
last-modified: Wed, 12 Jul 2023 13:58:32 GMT
server: AmazonS3
etag: "de7446f5260b9a6b1464b6bb2aa48747"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 6GR8KhfcPLV3eaihTG6JOjZ1Zt02w_Zh7UEfv4gWvOoXODS4-r0kcw==

POST
H2 200 mon Show response
june.takingbackjuly.com/ 0
40 B 112ms
108ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://june.takingbackjuly.com/mon
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://jumpcloud.com
date: Thu, 13 Jul 2023 09:07:48 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 14ms
13ms Script
application/x-javascript 2a02:26f0:3100::1735:28a8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=69268
accept-ranges: bytes
content-length: 4807

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 26ms
9ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://jumpcloud.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
310 B 62ms
11ms XHR
text/html 2a02:26f0:480:23::1726:62a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 50658afdf69a9ae3177f81fe2156fcd616e766a401c8407de929f0936d3bd517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://jumpcloud.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469233_388391911_519738942_33_1360_8_0_-";dur=1
content-length: 23
expires: Thu, 13 Jul 2023 09:07:48 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 229ms
205ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=70571f1cff4950039a1ffc752141c61e&svisitor=null&visitor=35b51dc6-94f9-43ef-8cd4-4c7fc94bef66&session=6001fc8a-62ea-4f6e-8d84-a691e9be0be8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2013%20Jul%202023%2009%3A07%3A48%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jul%202023%2009%3A07%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2270571f1cff4950039a1ffc752141c61e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jul%202023%2009%3A07%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jul%202023%2009%3A07%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&pageViewId=dd9f5533-885a-4392-8f2c-c4bec52313a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 23ms
23ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1344919942&t=pageview&_s=1&dl=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&ul=en-us&de=UTF-8&dt=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=21819513&gjid=692121072&cid=1896442025.1689239269&tid=UA-43819347-1&_gid=1675979206.1689239269&_r=1&_slc=1&gtm=45He37a0n71TCQM2R&cd1=null&cd2=null&z=1282386127

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jumpcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 51ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W3GZW7C2Z8&gtm=45je37a0&_p=1344919942&_gaz=1&gdid=dYWJhMj&cid=1896442025.1689239269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689239268&sct=1&seg=0&dl=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&dt=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W3GZW7C2Z8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jumpcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 70ms
23ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W3GZW7C2Z8&cid=1896442025.1689239269&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W3GZW7C2Z8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jumpcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
26ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W3GZW7C2Z8&cid=1896442025.1689239269&gtm=45je37a0&aip=1&z=850123597

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/966047248/ 42 B
64 B 35ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966047248/?random=1689239268533&cv=11&fst=1689238800000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&fmt=3&is_vtc=1&random=3763247506&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/966047248/ 42 B
64 B 35ms
29ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966047248/?random=1689239268533&cv=11&fst=1689238800000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&frm=0&tiba=July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud&fmt=3&is_vtc=1&random=3763247506&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsuppo...
adservice.google.com/ddm/fls/z/ Frame 5176 42 B
402 B 115ms
54ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs

Requested by

Host: 11226752.fls.doubleclick.net
URL: https://11226752.fls.doubleclick.net/activityi;dc_pre=CKyMrdSqi4ADFUjGsgodCbwPCA;src=11226752;type=detec0;cat=jumpc0;ord=9247180863756;gtm=45He37a0;auiddc=1971881386.1689239265;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11226752.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 55ms
22ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43819347-1&cid=1896442025.1689239269&jid=21819513&gjid=692121072&_gid=1675979206.1689239269&_u=YEBAAEAAAAAAACAAI~&z=836007475

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jumpcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
638 B 156ms
104ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1689239268703&id=t2_25j2zqqe&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=02645e55-975a-4b85-9a00-ce5a7f5a4c86&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 165340827204077 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 71ms
69ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/165340827204077?v=2.9.111&r=stable

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e219dee9484970995d5c85c531bb1cc7dcedae4c251bb733e7dd589766c93992

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jul 2023 09:07:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: BPTAhxli13j4KLA79MZjScKaDnpJovaYQjmjAfADlFGJ/RqaKHphIDtNq9Ci+IkQnNXgoSk4aSx+lyvdHEs7tg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 183ms
130ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b3b78cbf-0f15-4786-961f-c15e1902f962&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d5a43cc0-9ec4-4bf6-b36e-daa381298c6e&tw_document_href=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3pir&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 116
date: Thu, 13 Jul 2023 09:07:47 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 09ffee749fc640ca
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3f478c34c80c83e1f68305f07b82ef2aed22c9cf948e17766909063dfc32e686
content-length: 43

GET adsct
analytics.twitter.com/i/ 0
0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
486 B 204ms
198ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=70571f1cff4950039a1ffc752141c61e&svisitor=null&visitor=35b51dc6-94f9-43ef-8cd4-4c7fc94bef66&session=6001fc8a-62ea-4f6e-8d84-a691e9be0be8&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22July%202023%20Incident%20Indicators%20of%20Compromise%20(IoCs)%20-%20JumpCloud%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&pageViewId=dd9f5533-885a-4392-8f2c-c4bec52313a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/373868/domain/jumpcloud.com/ 36 B
378 B 92ms
14ms XHR
application/json 2600:9000:2204:d400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/373868/domain/jumpcloud.com/token
Requested by: Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:d400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://jumpcloud.com/support/july-2023-iocs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:15:45 GMT
content-encoding: gzip
via: 1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 3123
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 8kVmpU9pZYbUkDn4NqXXHwIcPpe49tN6qvgxZ-dxk94Wx7Vlz31crg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D373868%26time%3D1689239268760%26url%3Dhttps%253A%252F%252Fjumpcloud.com%252Fsuppo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&liSync=true&e_ipv6=AQIymAF-Q7Dz_QAAAYlOga-hZs4dQ29vUIp3x_IQl...

0
266 B

233ms
187ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&liSync=true&e_ipv6=AQIymAF-Q7Dz_QAAAYlOga-hZs4dQ29vUIp3x_IQltKDJaHusl_ERPyRWY_1QCHBmc0fQmXwbvQe
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E3AB316C803C4191A71EC129D11CD8BD Ref B: FRAEDGE1410 Ref C: 2023-07-13T09:07:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAWqqZh56jZZsUnfo1DQ==

Redirect headers

date: Thu, 13 Jul 2023 09:07:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1725D53A41FB4FAB961FF3B839167BA3 Ref B: VIEEDGE3309 Ref C: 2023-07-13T09:07:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=373868&time=1689239268760&url=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&liSync=true&e_ipv6=AQIymAF-Q7Dz_QAAAYlOga-hZs4dQ29vUIp3x_IQltKDJaHusl_ERPyRWY_1QCHBmc0fQmXwbvQe
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAWqqV3hVv2nM9xUna0A==

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/8e0c7154d6544427997a77c7e2f351e1/ 43 B
423 B 396ms
98ms Image
image/gif 34.239.234.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/8e0c7154d6544427997a77c7e2f351e1/pixel?j=1&u=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&tag=ViewContent&ts=1689239268763

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.234.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-234-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:07:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,94c9e5efeecbd55d6cb0925d80c04eea,10.0.0.80,53714,178.162.209.131,,270037891597,1,1689239269.104,0.001,,.,0,0,0.000,0.004,-,0,0,197,192,96,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 modules.fba0c9b2e1c5e125e170.js Show response
script.hotjar.com/ 270 KB
69 KB 79ms
24ms Script
application/javascript 13.227.219.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js

Requested by

Host: jumpcloud.com
URL: https://jumpcloud.com/support/july-2023-iocs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-120.ams54.r.cloudfront.net

Software

Resource Hash

4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 07:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 265481
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70330
last-modified: Mon, 10 Jul 2023 07:22:19 GMT
etag: "0054d18e8d659772b0e915a12ecd8b15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4hZP8dbQuuA5HcHPylu7GZH0Fz0uBCM8zkiozqhgG5tL872DaT1zYA==

GET gif.gif
ibc-flow.techtarget.com/a/ 0
0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-43819347-1&cid=1896442025.1689239269&jid=21819513&_u=YEBAAEAAAAAAACAAI~&z=68053817

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-43819347-1&cid=1896442025.1689239269&jid=21819513&_u=YEBAAEAAAAAAACAAI~&z=68053817

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame D29C 4 KB
2 KB 596ms
399ms XHR
application/json 3.208.133.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.9ff95336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.208.133.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-133-249.compute-1.amazonaws.com

Software

nginx /

Resource Hash

941694ecb73c0b5913b95994f2b3ed259dead8c395947f4fd98601c6428440a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jul 2023 09:07:49 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-09843e20bb945f6e1
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 001c07qgo928guahusc0
x-runtime: 0.270338
server: nginx
etag: W/"941694ecb73c0b5913b95994f2b3ed25"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jumpcloud.com
x-intercom-version: 3074944be7996eb439aaaf48b0f5829997a92ae7
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 37ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=165340827204077&ev=PageView&dl=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&rl=&if=false&ts=1689239268928&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689239268924.109607543&cs_est=true&it=1689239268714&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jul 2023 09:07:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 79F5 0
72 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://jumpcloud.com
Referer: https://jumpcloud.com/support/july-2023-iocs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://jumpcloud.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:07:49 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 1c0071a1a7a244dc4edbad00c7a441ac.png
downloads.intercomcdn.com/i/o/308295/46294167cd0836b10688f4f2/ 818 B
2 KB 396ms
181ms Image
image/png 15.197.143.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/308295/46294167cd0836b10688f4f2/1c0071a1a7a244dc4edbad00c7a441ac.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.143.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

42b88a4953a2e8e9b511ff481c5ec663c69582efb7a03e10fb76d7599d3ea801

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:49 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-09843e20bb945f6e1
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="1c0071a1a7a244dc4edbad00c7a441ac.png"; filename*=UTF-8''1c0071a1a7a244dc4edbad00c7a441ac.png
x-xss-protection: 1; mode=block
x-request-id: 001dnvbcr7kt6fknnhog
x-runtime: 0.053455
last-modified: Wed, 29 Dec 2021 16:42:39 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: image/png
x-intercom-version: 3074944be7996eb439aaaf48b0f5829997a92ae7
cache-control: max-age=86400, private

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 207ms
207ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:49 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 213ms
213ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jumpcloud.com/support/july-2023-iocs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:07:50 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039

Domain: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Domain: dc.ads.linkedin.com
URL: https://dc.ads.linkedin.com/collect/?pid=373868&fmt=gif

Domain: bat.bing.com
URL: https://bat.bing.com/action/0?ti=17024369&Ver=2

Domain: 11226752.fls.doubleclick.net
URL: https://11226752.fls.doubleclick.net/activityi;dc_pre=CKjl3tKqi4ADFYyasgodDOQDDg;src=11226752;type=detec0;cat=jumpc0;ord=1272684977;~oref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs?

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b3b78cbf-0f15-4786-961f-c15e1902f962&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d5a43cc0-9ec4-4bf6-b36e-daa381298c6e&tw_document_href=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3pir&type=javascript&version=2.3.29

Domain: ibc-flow.techtarget.com
URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=14485042&r=1689239268767&ref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&version=2.4

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jumpcloud.com/	1970-01-20 15:25:23	Name: _cq_duid Value: 1.1689239261.VaMABxVgbN4VNNF1
.jumpcloud.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1689239261.65WD3QDdvs0rsenp
.jumpcloud.com/	1970-01-20 17:33:11	Name: optimizelyEndUserId Value: oeu1689239261895r0.6267736595719682
june.takingbackjuly.com/	1970-01-20 21:17:49	Name: cg_uuid Value: 6be616d7926b3776be7545c2cc3f8af8
jumpcloud.com/	1970-01-20 21:59:35	Name: __pdst Value: e8441837d6da47e7961afec1ffb12c41
.jumpcloud.com/	1970-01-20 21:59:35	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jul+13+2023+09%3A07%3A44+GMT%2B0000+(GMT)&version=6.33.0&isIABGlobal=false&hosts=&consentId=c3899888-0443-4566-b3bd-03379ffa5e06&interactionCount=0&landingPath=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.jumpcloud.com/	1970-01-20 13:15:25	Name: _uetsid Value: bac88b10215c11eeb4e3b18d8d39b4b4
.jumpcloud.com/	1970-01-20 22:35:35	Name: _uetvid Value: bac8a270215c11eeaa62addd3f57719d
.jumpcloud.com/	1970-01-20 15:23:35	Name: _gcl_au Value: 1.1.1971881386.1689239265
.bing.com/	1970-01-20 22:35:35	Name: MUID Value: 199EF3CF07FE64651EC7E082062C65BE
.doubleclick.net/	1970-01-20 22:35:35	Name: IDE Value: AHWqTUlc8xS2BL5C8Js0blgWC0z35gXMJWJXRqN0l1VqO6pFaCdBOi9bwxfuTWMF
jumpcloud.com/	1969-12-31 23:59:59	Name: jc-preferred-lang Value: English
.linkedin.com/	1970-01-20 15:23:35	Name: li_sugr Value: f309a6c6-bc9b-4d59-9673-bef6711b4d05
.linkedin.com/	1970-01-20 21:59:35	Name: bcookie Value: "v=2&b70f3c47-68ec-4ad5-86e1-2d56c5d479c0"
.linkedin.com/	1970-01-20 13:15:25	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2785:u=1:x=1:i=1689239265:t=1689325665:v=2:sig=AQHg-dJKHgTJKmRWkfMEhZaz4X6HwA5u"
.jumpcloud.com/	1970-01-20 21:59:35	Name: ajs_anonymous_id Value: 5df6a463-3586-49e8-89a5-2a7019160e28
jumpcloud.com/	1970-01-20 22:49:59	Name: _gd_visitor Value: 35b51dc6-94f9-43ef-8cd4-4c7fc94bef66
jumpcloud.com/	1970-01-20 13:14:13	Name: _gd_session Value: 6001fc8a-62ea-4f6e-8d84-a691e9be0be8
.jumpcloud.com/	1970-01-20 13:15:25	Name: _gid Value: GA1.2.1675979206.1689239269
.jumpcloud.com/	1970-01-20 13:13:59	Name: _gat_UA-43819347-1 Value: 1
.techtarget.com/	1970-01-20 13:14:01	Name: __cf_bm Value: 0XMZVHcgyuAinRvL.KxEayz5x3CyMH7_v1fL60D4eWI-1689239268-0-AeAynNSVTbz9atGmbndQ7CuymIudjaWlb3kvAOSgeTRuKF4j722Qxmguu+T87cS2UPBfPnwRpc6/RaV7Zq397p4=
.jumpcloud.com/	1970-01-20 22:49:59	Name: _ga Value: GA1.1.1896442025.1689239269
.jumpcloud.com/	1970-01-20 22:49:59	Name: _ga_W3GZW7C2Z8 Value: GS1.1.1689239268.1.0.1689239268.60.0.0
.jumpcloud.com/	1970-01-20 15:23:35	Name: _rdt_uuid Value: 1689239268702.02645e55-975a-4b85-9a00-ce5a7f5a4c86
jumpcloud.com/	1970-01-20 13:15:25	Name: ln_or Value: eyIzNzM4NjgiOiJkIn0%3D
.t.co/	1970-01-20 22:49:59	Name: muc_ads Value: 9823b16b-fcdf-4299-970c-d542e3806d97
.jumpcloud.com/	1970-01-20 21:59:35	Name: _hjSessionUser_841705 Value: eyJpZCI6IjY4MTZkN2RiLWU3MjEtNWQyOS05NmRiLWZlYTliYzJmNmI1YyIsImNyZWF0ZWQiOjE2ODkyMzkyNjg4ODksImV4aXN0aW5nIjpmYWxzZX0=
.jumpcloud.com/	1970-01-20 13:14:01	Name: _hjFirstSeen Value: 1
.jumpcloud.com/	1970-01-20 13:13:59	Name: _hjIncludedInSessionSample_841705 Value: 0
.jumpcloud.com/	1970-01-20 13:14:01	Name: _hjSession_841705 Value: eyJpZCI6IjgxM2Y0Mjg5LWVmZWMtNDMyZC1iYjE2LTZlYTNmNzhjYTFkZiIsImNyZWF0ZWQiOjE2ODkyMzkyNjg5MTAsImluU2FtcGxlIjpmYWxzZX0=
.jumpcloud.com/	1970-01-20 13:14:01	Name: _hjAbsoluteSessionInProgress Value: 0
.jumpcloud.com/	1970-01-20 15:23:35	Name: _fbp Value: fb.1.1689239268924.109607543
.6sc.co/	1970-01-20 22:49:59	Name: 6suuid Value: aad0170202380200e4beaf649b0300008abc0900
.linkedin.com/	1970-01-20 13:57:11	Name: UserMatchHistory Value: AQLX1HQJ7h5SCAAAAYlOga39ExJ-emNGZS3iptddN5hUcVbPrBqUWRr3Q0YaHrEiT31In28X30oCfA
.linkedin.com/	1970-01-20 13:57:11	Name: AnalyticsSyncHistory Value: AQIqXvPGG1lTEAAAAYlOga39Pw3b93yOmBtQeE2kXGd-LlD_ZUD5CZzZlYzGX7HWEWiizX336kGHY_i-jSorow
.www.linkedin.com/	1970-01-20 21:59:35	Name: bscookie Value: "v=1&2023071309074994bcfc30-7f7b-421c-8f27-1e186a407737AQEDgLnRVdRxiO8rEOjxEKMZnvl2MaVX"
.linkedin.com/	1970-01-20 17:33:11	Name: li_gc Value: MTswOzE2ODkyMzkyNjk7MjswMjEO1QwXbNFnZautfVg2icxsnKs7ao1vRFrEuY6bjg0Y1A==
.jumpcloud.com/	1970-01-20 19:42:49	Name: intercom-id-wgmb0rm8 Value: f5b939e5-59df-41c8-a1f8-84f7681b6431
.jumpcloud.com/	1970-01-20 13:24:04	Name: intercom-session-wgmb0rm8 Value:
.jumpcloud.com/	1970-01-20 19:42:49	Name: intercom-device-id-wgmb0rm8 Value: fec2ffa4-e4a4-4c12-825a-611e8ff632eb

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://jumpcloud.com/support/july-2023-iocs Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'unsafe-inline' 'self' blob: https://widget.intercom.io/widget/wgmb0rm8 https://js.intercomcdn.com https://www.youtube.com https://bam.nr-data.net https://.takingbackjuly.com https://cdn-assets-prod.s3.amazonaws.com https://segmentcdn.jumpcloud.com https://cdn.jsdelivr.net https://.clarity.ms https://cloud.jumpcloud.com https://.calendly.com https://cdn.pdst.fm https://cdn.pdst.fm https://bam-cell.nr-data.net https://pi.pardot.com https://js-agent.newrelic.com https://analytics.twitter.com https://platform.twitter.com https://grow.clearbitjs.com https://a.smtrk.net https://trk.techtarget.com https://static.ads-twitter.com https://.wistia.net https://.wistia.com https://js.driftt.com https://a.quora.com https://scout-cdn.salesloft.com https://www.redditstatic.com https://connect.facebook.net https://bat.bing.com https://j.6sc.co https://snap.licdn.com https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://.hotjar.com https://.doubleclick.net https://cdn.cookielaw.org https://.optimizely.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.buzzsprout.com https://geolocation.onetrust.com https://www.gstatic.com https://www.googleadservices.com https://dyv6f9ner1ir9.cloudfront.net/assets/js/sloader.js". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://fast.wistia.com/assets/external/iframeApi.js(Line 1) Message: Allow attribute will take precedence over 'allowfullscreen'.
worker	verbose	URL: blob:https://jumpcloud.com/d98a57a7-54a5-4d87-bf7a-690f55baccde(Line 1) Message: Error
network	error	URL: https://bat.bing.com/action/0?ti=17024369&Ver=2 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://dc.ads.linkedin.com/collect/?pid=373868&fmt=gif Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
security	error	URL: https://jumpcloud.com/support/july-2023-iocs(Line 40) Message: Refused to connect to 'https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=14485042&r=1689239268767&ref=https%3A%2F%2Fjumpcloud.com%2Fsupport%2Fjuly-2023-iocs&version=2.4' because it violates the following Content Security Policy directive: "default-src 'self' blob: wss://.intercom.io https://.intercom.io https://.google.com https://bam.nr-data.net https://ct.capterra.com https://cdn.linkedin.oribi.io/partner/373868/domain/jumpcloud.com/token https://jumpcloud940.outgrow.us/ https://.takingbackjuly.com https://optanon.blob.core.windows.net https://segmentcdn.jumpcloud.com https://c.6sc.co/ https://ipv6.6sc.co/ https://scout.salesloft.com https://www.youtube.com https://secure.adnxs.com https://xd.adobe.com https://embedwistia-a.akamaihd.net https://bat.bing.com https://api.segment.io https://.litix.io https://calendly.com https://.wistia.com https://.wistia.net https://bam-cell.nr-data.net https://privacyportal.onetrust.com https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://js.driftt.com https://analytics.google.com/ https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://.hotjar.io https://.hotjar.com wss://.hotjar.com https://.doubleclick.net https://cdn.cookielaw.org https://.optimizely.com https://.clarity.ms https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.buzzsprout.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' blob: wss://.intercom.io https://.intercom.io https://.google.com https://bam.nr-data.net https://ct.capterra.com https://cdn.linkedin.oribi.io/partner/373868/domain/jumpcloud.com/token https://jumpcloud940.outgrow.us/ https://.takingbackjuly.com https://optanon.blob.core.windows.net https://segmentcdn.jumpcloud.com https://c.6sc.co/ https://ipv6.6sc.co/ https://scout.salesloft.com https://www.youtube.com https://secure.adnxs.com https://xd.adobe.com https://embedwistia-a.akamaihd.net https://bat.bing.com https://api.segment.io https://.litix.io https://calendly.com https://.wistia.com https://.wistia.net https://bam-cell.nr-data.net https://privacyportal.onetrust.com https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location https://js.driftt.com https://analytics.google.com/ https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://.hotjar.io https://.hotjar.com wss://.hotjar.com https://.doubleclick.net https://cdn.cookielaw.org https://.optimizely.com https://.clarity.ms https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.buzzsprout.com; font-src 'self' data: fonts.gstatic.com use.typekit.net; img-src 'self' data: blob: ; script-src 'unsafe-eval' 'unsafe-inline' 'self' blob: https://widget.intercom.io/widget/wgmb0rm8 https://js.intercomcdn.com https://www.youtube.com https://bam.nr-data.net https://.takingbackjuly.com https://cdn-assets-prod.s3.amazonaws.com https://segmentcdn.jumpcloud.com https://cdn.jsdelivr.net https://.clarity.ms https://cloud.jumpcloud.com https://.calendly.com https://cdn.pdst.fm https://cdn.pdst.fm https://bam-cell.nr-data.net https://pi.pardot.com https://js-agent.newrelic.com https://analytics.twitter.com https://platform.twitter.com https://grow.clearbitjs.com https://a.smtrk.net https://trk.techtarget.com https://static.ads-twitter.com https://.wistia.net https://.wistia.com https://js.driftt.com https://a.quora.com https://scout-cdn.salesloft.com https://www.redditstatic.com https://connect.facebook.net https://bat.bing.com https://j.6sc.co https://snap.licdn.com https://cdn.segment.com https://ajax.googleapis.com https://www.facebook.com https://us-central1-adaptive-growth.cloudfunctions.net https://.hotjar.com https://.doubleclick.net https://cdn.cookielaw.org https://.optimizely.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.buzzsprout.com https://geolocation.onetrust.com https://www.gstatic.com https://www.googleadservices.com https://dyv6f9ner1ir9.cloudfront.net/assets/js/sloader.js; style-src 'unsafe-inline' 'self' fonts.googleapis.com use.typekit.net p.typekit.net https://.calendly.com; media-src 'self' data: blob: ;
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11226752.fls.doubleclick.net
a.quora.com
a.smtrk.net
a553480116.cdn.optimizely.com
adservice.google.com
alb.reddit.com
analytics.twitter.com
api-iam.intercom.io
api.segment.io
august.takingbackjuly.com
b.6sc.co
bam.nr-data.net
bat.bing.com
c.6sc.co
cdn.cookielaw.org
cdn.linkedin.oribi.io
cdn.optimizely.com
cdn.pdst.fm
connect.facebook.net
data.adxcel-ec2.com
dc.ads.linkedin.com
distillery.wistia.com
downloads.intercomcdn.com
embed-ssl.wistia.com
errors.client.optimizely.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
js.intercomcdn.com
jumpcloud.com
june.takingbackjuly.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
script.hotjar.com
segmentcdn.jumpcloud.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
t.co
trk.techtarget.com
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
11226752.fls.doubleclick.net
analytics.twitter.com
bat.bing.com
dc.ads.linkedin.com
fast.wistia.net
ibc-flow.techtarget.com
static.cloudflareinsights.com
104.244.42.5
13.107.42.14
13.224.189.49
13.227.219.120
142.250.186.38
142.250.186.66
146.75.116.157
15.197.143.135
151.101.2.137
151.101.65.140
162.159.152.17
162.247.243.29
18.239.94.97
2001:4860:4802:34::36
2001:4860:4802:36::36
23.197.128.15
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:20c3:c200:14:6ddd:bc80:93a1
2600:9000:2104:a600:1e:c86:4140:93a1
2600:9000:2204:d400:2:53b2:240:93a1
2600:9000:225b:6000:f:89ba:1c0:93a1
2606:4700:4400::6812:2579
2606:4700::6812:1d26
2606:4700::6812:a972
2606:4700::6812:c9f
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:26f0:3100::1735:28a8
2a02:26f0:3500:88e::13b8
2a02:26f0:480:23::1726:62a7
2a02:26f0:480:f::213:7ece
2a02:26f0:480:f::213:7ed3
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::644
2a04:4e42:600::396
3.208.133.249
34.239.234.229
35.244.142.80
44.196.108.64
44.207.218.163
44.238.187.145
52.205.156.65
52.222.139.110
95.101.111.170
99.84.88.35
0152531ece5b19aa743208c31fd9f9284282bc97a2ec666de5cf770a9aeee0fa
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
02ae652aa5d5f1d5736fe83e10012889498c06c5d40aea59dff5eaf1b42a3bf4
04ae204217d793615fef27a84fe3baa493accb41e3b35ca6a2917f0384284311
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229
05e35ef5e8d309d079ddec6c6578db6a316b5b3bd34a206835291ff1c4ed228c
05f5c3c1577b97977d82a655f1a2b2c02b1b5fb63e397175866a678ecf80976a
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d1fcd33d270a8e9a9a3442b0f1182caea7cd4300a0094a4d4d99a812c0320cf
0d52b52e8dc9dddd76fda7f5475ca18faa98e162f1eb122e324a19d1959070fe
1021521fbf40f82a9f2f83581eea570bb5cb10a9cd56757e999edb2fb6f662e9
10d95beb65382a23541b3902f37b5d2075d0c5dba76629429637e5996e659668
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13b91916f718b98a5982418868c5a1957febe35307eea9cb6800655ef3d809b4
146b3872523f6561bf59bbb4505e216321d647659306438788362a1dce1a6d45
1510744315e101cd2f503452a89203aebd110e39b24ebea1e079c32042a15447
1535ebf05512f6f3f974c6e88eb002707431932c2b7b01550a874a9280e78417
15d7fd7a8d4f50180b0060f474771db5366ca9a37fc91a6fdf94c55af0f74373
1624112361b2c02f845ae236cd8a649a94ce6a6a29da3b389c9af3e23031ee6a
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
189159aeb82d7c71965b168f1364d75654f8e33a0785dc716103731425aea159
19f3bb8012b12f58272fdbd494a94e59ad75392ce28ea4d0b2922154f41e0935
1a50933c231329043b96d5ba48377e25539bc25519c5f8bbab0e016488e1312a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
222af1497b4cd652d595ca7873e7bd0bd70ab3c49d99e02e4b35c7fb4e72e9e7
24c43d74988730c99312d4a798f630cb900f2fa802869051d9b630628f485060
24ca67869c96b6679fa50a249041f47ec3e4e87d1a5906197a34a110fd0b4003
28c52779ad878e5d9734b510399168381cc81de782e02caff97589654eef0188
2ad14efe3277f957408e1e8c619944fb2a68fba5f5ecba3ec14d4505868d63ad
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e130e6bf32fae2a3cca16864232b012c6e594602fd80c3c307adf8dfbd37986
2ed99bef6fdf75209e9a2f1911f14c64fe8a10e1508ded9d44037b3050bd612f
309abb0cf20e94cabfb70b068860024fb3dc7a44140dea8a95c5ce0d7fd05752
325039e33e7a9fbea2fccd240706c8d02676096f7c55daebe84ea164f705ccbc
34ae75103af996469e5ebd1f396bdaa2553d2c7f401f9c069714821ae4742a6b
36082d6055ae2cd017f681602b13beb92416726e0d57e968738963b1ec0b949b
3618d3af5aca10765adde4f941429c21365ee5febac1a24f10844c238a188fdc
36e765bf3e973cff44b58eabffb90b4f23249c842873c2d1a76f84de374d9116
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
39ead694ca881dd884f39320894e1d11f7e3ce6d86dcbad90c724101c59f4ec2
3c367992ade48a625434cbe8d710a9493f5d60f02770aa49714df02ae0802f58
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
3fac7e997323edd109bb80a3db3f7663154508f57260fc805e4a26d259e161f2
42b88a4953a2e8e9b511ff481c5ec663c69582efb7a03e10fb76d7599d3ea801
452135191efa0f90d520a936b4e9604894cb5b99a62ec277ce007949ee2fe100
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4a58cac8b6df4b0033384913e40759aad81f4606e475d8b6faf34aa95e8450cc
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
4cde4f9680f7d0b5f6d31a6dda6a472f836fa38f47149b72ab64a82038ce9f92
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
50658afdf69a9ae3177f81fe2156fcd616e766a401c8407de929f0936d3bd517
50a5c4dd84069b92273db6dc48c60cec63582767f48d9a8e1772ca55718ca8e2
536873ab97123904a2864c42dc014f8f67b04b68fdc2359d609806d299629f98
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5490892e0ada9be12ebabd9665b664524a8105522e0b071290f55e8c0f6b6b25
54ce2b8c1429fdb2312613e5b756a2f39e175b13433feeca2a38270afd86d053
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
552a0e9f4863f7512b535409555e2a03a1ea99457c6023563bcaa01d713db63e
570ce7a565a3a410eb01dcdd83f4a30228e67a780f4a8e5e30168e59d97d38d3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b0f772f4a0ddda704a3b90640c7cc5c0d4350fbaf9deb737c17a15661d3c7dd
5b3acf2de1acdcd7940db38ad5055f2abce6f853a69f3512f2cbf1060eb55a4e
5b41e6a8d4534782df60ae794523c25141f706b43387e824d442e21afb16444a
60c140d9afbd81e2a4098fa38071b29490dba0e5e334e67f9b33236d6708718b
60fbd0ffb77d3b64d6fb46cf9232ec6b2ca73dfb7770a3f08903fc377f046748
61b2d0a3bc927d214eb606a80059190197c273668bb48f1eab764083cefb2e4b
625425a56a434aab101d4af1dd120a0aaf280e9189980fc925535e610f24bd39
6736760a1c0c624190fee65234d5013a261ded35d345e6f278a3739719fac230
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6bcc73047800651076329489373e67962856c64c2f0c546196411e33633a849a
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
6e362edf2572f4eb4c9da549b8cdeca23bf9bc29068141ab555d33d1cea7804c
6f2e510a5b489b6a65e7eb26d4884bb2e257eed2152a04b099ed5e72c18340a8
6f896280f1b1305ff591eeb8f6a62d979af87dee1f432e9eebf5ef7cf3762ccc
70ef6d7c026f5a1bb61156e134dcd0025be0f3dbf101cf967d1a8636482e7628
712cc78ac515f422bd69e196118c53c1e22454385fb25933df32c7b7c4b13f2c
71cf6f5d55be8b6512db444d1afdceeb50242184b2688bf82169d68025189027
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
77aa5fc2b59e0b4b8c1b408f48f6daa0c8df988c39ef70fef03f00d4e40ebf4b
784a8fadab348ad6d2d79afc0afa939efd1a80661f9e72f935b5f940291906b6
79a825f080f5d401955c2b229b7ffc2a3a90c4a290e258256f892c86a3798384
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c10bcd4037fa23ad7e3c1f9c5f6a794a3ab0a26a72cc4d8aaf60ef5220920c7
7f7420399b133e72b82d97986510702d79945995bbdcdf725570eda135b4e89a
81b5318097825012bb257f590a0ff68a499d30ff7e61a0a1cd228efe7055a345
824604c53234faf12d9816b588a1ad5824e3d51fbbe28c79d97b74224a054ebc
843c8aaf7dde68a58b802d89536d50d1ba0087a703f977638b64965af3ce580c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8a13e9b134a6ac71f209af437ee72049b5eedf141ec3ffc4ab4b7aaa412989fd
8aae4196ebe99727bac2cd377254e0e26ea24a1e72f565c2e86eaeefb2d057d0
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8af04a3bede1c8db6c5315ef7f2163e41154596d48763a59da86d3a437a2c582
8b65aefb46929195d149cc863369ee0a91c480132d1bae9df3151c6622f28594
8b7cb87c111c83b72ea298066171cf4a4fad7da28512fd26bee30585d65d25d4
8d1982dbd63e50e0f1103e28f69c22401232bd19b5304502ad31828cde257665
8dcb1a7b69b67c5c2e0f28ed05aea42e13d66f9e78fc17662e566d02fc02a5f4
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
90b53461ad125c8107cb60cb17d2c8e1a62bfcfde6d41d6f7532a2082c723d66
941694ecb73c0b5913b95994f2b3ed259dead8c395947f4fd98601c6428440a1
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96c32d434152ea65e025a4da07fc6961f7f18072d52df5bdfe7ac6afea106976
974ca3d98f2a11dcf310bf8f61c3cb7d543922a8f7ceec12d846058db07265f6
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b4eeafb9307bcc4acf6d376b3584c8f737d743283892f69b29075e249a91af1
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d0709f30da46958311cb3a1eded6ea272077a95661d0ed0e07e91598b26c023
9d2c657b3e23da3bc48d80d77d5a8a787cacbecfb4a15a7c84a6c000e6792c47
9d30cd0d1a27989b224925a08530064b4f54290414c0617a60dfb9eb1bcb9872
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a256b91dd54d7cc37710eeba8dd39a3c970699a0d0b3c711076d083b6c0d7293
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad2df1d3ac00448cf75832b95fc3bf596a34ccf17d1e6f2f60f4b4c691c7669d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afbdff67bd6920203470b7ea7de82cd3508b5c8b3266c1c9f8b9afeab3560105
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b5f84eed917971eacc579590c0bdcf72ee3a94d5e546b7ea7afad59268450a2b
b6715e33848287dd8600843b5a427554eab899a9de842eaa5dfd2d1fa0823e0f
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b844c427ab2f2414b8b5a3772d5df9a29cbecb860c7cc45a1ced53c827660070
bc43b0353bc781351884f7b2fb8615f41ee148e169ea7fc62f63544f5d358a5d
be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0
bfd4f758f42a18107915c32db8a55ef7e9aff086abd8f296b87aaca07eabe0c0
c16131d3c9ce3128244c2b5e8cd2548c840bd0d985c0b117ba30c1108cc33126
c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921
c1a7e56224cfd8bd6fce973396480cd200b6c5d0e92739757ae20d06dd402d08
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2cf76ff852d2e95517b08111f27868137a6afba64ad34a4ea0e87c160e3a367
c4bf87c4244bc2563018aed497133dd23c87ee9774e5210d61ebd247367a54cb
c535c494eb4dbfb732fb09f9716097de5e1c84f1d841a5c98eb14903c1376270
c5cbb81c351c34f7df6ac8c8beccd62757b154b0246880438ca08ad9d264af30
c67b89008a548614d738260df4bba27eb39ecfdc774ed0fc0acdcca7350289ee
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d03866075f8d7d4cdc46cbd2308ff6cb8642efaeb67b2065e02d35bdb73c6869
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d198aa686d1152dea61220e984befd325376330286ffbeb9bba9d43347c2f065
d473071d7eb11b2e776a42e147ca3701757eeab8a0046cb8946670462d919281
d4ef68b8dd49032c184dbb9bdcc9790a9d55ceb2ed67a7810d46a19596b97e90
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff4d2ac67d11d84ddbb83b39b973714a2d0a4737d29b73a03f056e47896a190
e0839094a0f5d0f20dc868eb8b91942289ec146624fbd3719b6d82f8893d9dd9
e219dee9484970995d5c85c531bb1cc7dcedae4c251bb733e7dd589766c93992
e39a36209407fe9934c61b9c2da663b4a97ba418531e5b10bb0aaee1b59d06ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bec9af8e77fe2faa13f6e8a825df3f77ec8dadedc12f8a12198654e9a843e2
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
eb3fabfc38cb91e680aebd33909d35b194cfc5bde0b20a1b13aa70c7b8348741
ed322438e5f9242f61ffb0d83813d40419ac47aaf942a0fe8de27af198b20fca
ed645ac86cf1868576616bd8b191cab1d41e695a6982265010aa0da0ba64c2da
ed9fda7d39900ce35e6245694bec4f12ca97e9f97e3ee0c5c09fef38609faf6b
edf5e12d9d3961a49d0af32e4f5d2429b06792cfd32214567ba63016c17aa906
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5595b0cacbe64fd092ed3a7804051f90490b013ddc888d5572cc60ae431172
f01088e96f5eeaea98be600c0afb1e8eb5636060302b39c0db7b93c9a7a3a9df
f0536b4265598bc1b7087bf42c31dd1eeb23272375f74c6dc583c0bca67a4b21
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f4e146c630ba96055eaeab0c72d41681e2fb7f1ac4ff30358704cd319ffb2d85
f5da14392ce23dec9019e2cfa79d64d8a30611a659cf7458b08ab3ee7420ea8d
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e
fd0220b5553ec4f395d192ac1929b5a8d85883cbcf42807e392a2ba699d78d92
fdeda8ee18a5e9dde2498df6b41b66d4dd4a060efb6d263e664ff406e351eda7
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff6344250e4d71c1247bf8973dfff318ae7684f773ef79d7004e61e799fb0f47

jumpcloud.com Open in urlscan Pro 2606:4700:4400::6812:2579 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

253 Requests

96 %HTTPS

57 %IPv6

41 Domains

64 Subdomains

56 IPs

4 Countries

3140 kBTransfer

10573 kBSize

40 Cookies

14 Outgoing links

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jumpcloud.com Open in urlscan Pro
2606:4700:4400::6812:2579 Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

96 %
HTTPS

57 %
IPv6

41
Domains

64
Subdomains

56
IPs

4
Countries

3140 kB
Transfer

10573 kB
Size

40
Cookies

253 HTTP transactions
1 data transactions