urlscan.io logo urlscan.io
SecurityTrails logo

us.ri.logicnow.com Open in urlscan Pro
35.166.1.236  Public Scan

Go To Rescan Add Verdict Report
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Submission: On August 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 8 countries across 30 domains to perform 68 HTTP transactions. The main IP is 35.166.1.236, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is us.ri.logicnow.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on January 24th 2018. Valid for: 3 years.
This is the only time us.ri.logicnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 35.166.1.236 16509 (AMAZON-02)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.155.125 16509 (AMAZON-02)
3 6 172.217.21.198 15169 (GOOGLE)
1 13.226.155.124 16509 (AMAZON-02)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.109.95.62 20940 (AKAMAI-ASN1)
5 104.111.239.158 16625 (AKAMAI-AS)
2 13.226.155.25 16509 (AMAZON-02)
1 192.28.144.124 15224 (OMNITURE)
1 216.58.207.66 15169 (GOOGLE)
5 192.28.144.84 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.155.60 16509 (AMAZON-02)
2 2 52.215.1.63 16509 (AMAZON-02)
1 2 13.226.155.78 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.12.157 54113 (FASTLY)
3 199.232.53.140 54113 (FASTLY)
2 45.60.13.212 19551 (INCAPSULA)
2 104.244.42.5 13414 (TWITTER)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 147.75.33.229 54825 (PACKET)
1 147.75.102.203 54825 (PACKET)
1 51.140.49.131 8075 (MICROSOFT...)
1 147.75.102.199 54825 (PACKET)
1 63.33.1.59 16509 (AMAZON-02)
1 2.18.234.190 16625 (AKAMAI-AS)
2 70.42.32.191 13789 (INTERNAP-...)
2 104.244.42.67 13414 (TWITTER)
68 36
5    35.166.1.236 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-1-236.us-west-2.compute.amazonaws.com
us.ri.logicnow.com
8    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.226.155.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-125.dus51.r.cloudfront.net
tag.demandbase.com
6    172.217.21.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f198.1e100.net
8558434.fls.doubleclick.net
9563899.fls.doubleclick.net
1    13.226.155.124 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-124.dus51.r.cloudfront.net
tracker.marinsm.com
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com
munchkin.marketo.net
5    104.111.239.158 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-158.deploy.static.akamaitechnologies.com
abrtp1-cdn.marketo.com
rtp-static.marketo.com
2    13.226.155.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-25.dus51.r.cloudfront.net
js.driftt.com
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
356-uvh-403.mktoresp.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
5    192.28.144.84 (United States)

ASN15224 (OMNITURE, US)
abrtp1.marketo.com
1    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.226.155.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-60.dus51.r.cloudfront.net
api.company-target.com
2    52.215.1.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    13.226.155.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-78.dus51.r.cloudfront.net
segments.company-target.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    199.232.53.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
2    45.60.13.212 (United States)

ASN19551 (INCAPSULA, US)
px.spiceworks.com
2    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    147.75.33.229 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12
static.hotjar.com
1    147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15
script.hotjar.com
1    51.140.49.131 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.leadforensics.com
1    147.75.102.199 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress10
vars.hotjar.com
1    63.33.1.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-1-59.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Apex Domain
Subdomains		 Transfer
10 marketo.com
abrtp1-cdn.marketo.com
rtp-static.marketo.com
abrtp1.marketo.com
122 KB
10 doubleclick.net
stats.g.doubleclick.net
8558434.fls.doubleclick.net
9563899.fls.doubleclick.net
googleads.g.doubleclick.net
3 KB
8 google-analytics.com
www.google-analytics.com
53 KB
5 logicnow.com
us.ri.logicnow.com
161 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
72 KB
3 outbrain.com
amplify.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
3 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
1 KB
3 company-target.com
api.company-target.com
segments.company-target.com
2 KB
3 google.de
www.google.de
319 B
3 google.com
www.google.com
481 B
2 twitter.com
analytics.twitter.com
889 B
2 facebook.com
www.facebook.com
415 B
2 reddit.com
alb.reddit.com
372 B
2 t.co
t.co
572 B
2 spiceworks.com
px.spiceworks.com
7 KB
2 facebook.net
connect.facebook.net
165 KB
2 bing.com
bat.bing.com
8 KB
2 bidr.io
match.prod.bidr.io
1019 B
2 driftt.com
js.driftt.com
45 KB
2 marketo.net
munchkin.marketo.net
7 KB
1 leadforensics.com
secure.leadforensics.com
402 B
1 redditstatic.com
www.redditstatic.com
6 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 licdn.com
snap.licdn.com
2 KB
1 googleadservices.com
www.googleadservices.com
12 KB
1 mktoresp.com
356-uvh-403.mktoresp.com
304 B
1 marinsm.com
tracker.marinsm.com
305 B
1 demandbase.com
tag.demandbase.com
16 KB
1 googleapis.com
ajax.googleapis.com
30 KB
1 googletagmanager.com
www.googletagmanager.com
70 KB
68 30
Domain Requested by
8 www.google-analytics.com 2 redirects us.ri.logicnow.com
www.google-analytics.com
5 abrtp1.marketo.com abrtp1-cdn.marketo.com
rtp-static.marketo.com
5 us.ri.logicnow.com us.ri.logicnow.com
4 rtp-static.marketo.com abrtp1-cdn.marketo.com
4 8558434.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 www.google.de us.ri.logicnow.com
3 www.google.com 2 redirects us.ri.logicnow.com
3 stats.g.doubleclick.net 2 redirects us.ri.logicnow.com
2 analytics.twitter.com static.ads-twitter.com
2 www.facebook.com us.ri.logicnow.com
2 alb.reddit.com us.ri.logicnow.com
2 t.co us.ri.logicnow.com
2 px.spiceworks.com www.googletagmanager.com
us.ri.logicnow.com
2 connect.facebook.net us.ri.logicnow.com
connect.facebook.net
2 px.ads.linkedin.com 1 redirects us.ri.logicnow.com
2 bat.bing.com www.googletagmanager.com
us.ri.logicnow.com
2 segments.company-target.com 1 redirects us.ri.logicnow.com
2 match.prod.bidr.io 2 redirects
2 9563899.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 js.driftt.com us.ri.logicnow.com
js.driftt.com
2 munchkin.marketo.net us.ri.logicnow.com
munchkin.marketo.net
1 amplifypixel.outbrain.com us.ri.logicnow.com
1 tr.outbrain.com us.ri.logicnow.com
1 amplify.outbrain.com us.ri.logicnow.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 secure.leadforensics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.redditstatic.com us.ri.logicnow.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 api.company-target.com tag.demandbase.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 356-uvh-403.mktoresp.com munchkin.marketo.net
1 abrtp1-cdn.marketo.com us.ri.logicnow.com
1 tracker.marinsm.com us.ri.logicnow.com
1 tag.demandbase.com us.ri.logicnow.com
1 ajax.googleapis.com us.ri.logicnow.com
1 www.googletagmanager.com us.ri.logicnow.com
68 42

This site contains links to these domains. Also see Links.

Domain
success.solarwindsmsp.com
Subject Issuer Validity Valid
*.ri.logicnow.com
RapidSSL TLS RSA CA G1		 2018-01-24 -
2021-02-22		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2018-09-20 -
2020-11-19		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.marinsm.com
DigiCert SHA2 Secure Server CA		 2020-02-24 -
2022-05-25		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
*.marketo.com
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
drift.com
Amazon		 2019-10-03 -
2020-11-03		 a year crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2022-01-21		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.company-target.com
Go Daddy Secure Certificate Authority - G2		 2019-06-19 -
2021-08-18		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
www.redditstatic.com
DigiCert SHA2 Secure Server CA		 2020-04-06 -
2020-10-03		 6 months crt.sh
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-07-25 -
2021-04-28		 9 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA		 2020-04-06 -
2020-10-03		 6 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-06-17 -
2020-09-15		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-06-18 -
2020-09-16		 3 months crt.sh
*.leadforensics.com
Go Daddy Secure Certificate Authority - G2		 2019-11-28 -
2021-01-14		 a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-06-16 -
2020-09-14		 3 months crt.sh
*.hotjar.com
Amazon		 2019-09-27 -
2020-10-27		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh

This page contains 6 frames:

Primary Page: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Frame ID: DEB5ACDB4F2D9845763A2D32AEE9B7D7
Requests: 63 HTTP requests in this frame

Frame: https://8558434.fls.doubleclick.net/activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'
Frame ID: 36DC3E7BE3BB654B09604847F115708A
Requests: 1 HTTP requests in this frame

Frame: https://9563899.fls.doubleclick.net/activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'
Frame ID: 290F3E7218FF33C45B50F0E97B6C3D72
Requests: 1 HTTP requests in this frame

Frame: https://8558434.fls.doubleclick.net/activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'
Frame ID: C0EA3851E1260286D5FA1554E1A25B8C
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E4AEA8E5C252B2E056049BAB23C0ADC0
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 28FCD05E2632E7D25D5E5DB0D7B54111
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

68
Requests

100 %
HTTPS

34 %
IPv6

30
Domains

42
Subdomains

36
IPs

8
Countries

787 kB
Transfer

2795 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1370166394&t=pageview&_s=1&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=350959204&gjid=812695530&cid=381907364.1597292472&tid=UA-90808347-1&_gid=2054303209.1597292472&_r=1&z=569930878 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90808347-1&cid=381907364.1597292472&jid=350959204&_gid=2054303209.1597292472&gjid=812695530&_v=j83&z=569930878
Request Chain 10
  • https://8558434.fls.doubleclick.net/activityi;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe' HTTP 302
  • https://8558434.fls.doubleclick.net/activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'
Request Chain 13
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&gjid=313812404&_gid=2054303209.1597292472&_u=aGDAgEADQ~&z=751956579 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&_v=j83&z=751956579 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&_v=j83&z=751956579&slf_rd=1&random=3578687182
Request Chain 17
  • https://9563899.fls.doubleclick.net/activityi;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe' HTTP 302
  • https://9563899.fls.doubleclick.net/activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'
Request Chain 19
  • https://8558434.fls.doubleclick.net/activityi;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe' HTTP 302
  • https://8558434.fls.doubleclick.net/activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'
Request Chain 28
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAHaPU6-aX8AAA_StOPLDg HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHaPU6-aX8AAA_StOPLDg&verifyHash=a390b5d24eb121fbcd17872026abe4865542f02e
Request Chain 36
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10019&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&time=1597292472776 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D10019%26url%3Dhttps%253A%252F%252Fus.ri.logicnow.com%252Fdownload_md5%252Fiscanruntime.exe%2527%26time%3D1597292472776%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10019&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&time=1597292472776&liSync=true
Request Chain 42
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1370166394&t=event&ni=1&_s=1&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&dp=%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDACEADR~&jid=1949932612&gjid=881366673&cid=381907364.1597292472&tid=UA-52461231-1&_gid=2054303209.1597292472&_r=1&gtm=2wg871M897H7&cd51=(Non-Company%20Visitor)&cd52=(Non-Company%20Visitor)&cd53=(Non-Company%20Visitor)&cd54=(Non-Company%20Visitor)&cd55=(Non-Company%20Visitor)&cd56=(Non-Company%20Visitor)&cd57=Bot&cd58=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&cd60=Utrecht&cd61=UT&cd62=Netherlands&cd63=(Non-Company%20Visitor)&cd64=(Non-Company%20Visitor)&cd65=(Non-Company%20Visitor)&cd66=(Non-Company%20Visitor)&cd67=NL&cd68=(Non-Company%20Visitor)&cd69=(Non-Company%20Visitor)&cd70=(Non-Company%20Visitor)&z=132711575 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_gid=2054303209.1597292472&gjid=881366673&_v=j83&z=132711575 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_v=j83&z=132711575 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_v=j83&z=132711575&slf_rd=1&random=1230508622

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set iscanruntime.exe'
us.ri.logicnow.com/download_md5/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.1.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-1-236.us-west-2.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
b258049c53c9f14a49a3fb5dc235e4f8de95946d647343f914c4eb7202176a82

Request headers

Host
us.ri.logicnow.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.10.2
Date
Thu, 13 Aug 2020 04:21:10 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Status
403 Forbidden
Set-Cookie
XSRF-TOKEN=khNo2c%2BM36%2FdOkDPjL8daxO8eN%2FthV4jEl%2FG2uvZJPQ%3D; path=/ _session_id=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWUzZWE0NTI2NzQ3OWJiYWM5YjUxZmVhYzZkZWNjZjlhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMWtoTm8yYytNMzYvZE9rRFBqTDhkYXhPOGVOL3RoVjRqRWwvRzJ1dlpKUFE9BjsARg%3D%3D--e4c362f5a536f1b0edb909af55646b3139eea2c2; path=/; HttpOnly
X-Request-Id
8658acdb1c37dafef0e7e7f933b3136a
X-Runtime
0.024505
X-Rack-Cache
miss
X-Trace
2BD3C89E9A234835CC54132C645EF827C591DB19A8C1C8BBABFE8DA0AE00
Content-Encoding
gzip
site-bccc7782ee4e7b116f56174a8fc4ddd5.css
us.ri.logicnow.com/assets/css/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us.ri.logicnow.com/assets/css/site-bccc7782ee4e7b116f56174a8fc4ddd5.css
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.1.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-1-236.us-west-2.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
67961a127f9192e730df2fbc784f18955ca5acdcf0dc29c4462bb054c92fa8bf

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2020 14:11:02 GMT
Server
nginx/1.10.2
ETag
"5ede46f6-1545"
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
5445
Expires
Thu, 31 Dec 2037 23:55:55 GMT
site-98c53e2b4d43c4431e3900e744704815.js
us.ri.logicnow.com/assets/ 		504 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.ri.logicnow.com/assets/site-98c53e2b4d43c4431e3900e744704815.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.1.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-1-236.us-west-2.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
8c50c5df5126eb91d6dfeb2369aa89f6150e32fc09ceec5f85ebac26bc3fc28e

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2020 14:11:02 GMT
Server
nginx/1.10.2
ETag
"5ede46f6-25b35"
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
154421
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hover-717c5d74455548b1061679a32c91ceac.js
us.ri.logicnow.com/assets/site/ 		1 KB
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://us.ri.logicnow.com/assets/site/hover-717c5d74455548b1061679a32c91ceac.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.1.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-1-236.us-west-2.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
a886defb04adb675e3d2306fce879c6b1180af4b0e95fac50e6fa310c930b335

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2020 14:11:02 GMT
Server
nginx/1.10.2
ETag
"5ede46f6-1da"
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
474
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hover-d3b7735eb7c5ff8e99a2ada13fcdcb37.css
us.ri.logicnow.com/assets/css/ 		1 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us.ri.logicnow.com/assets/css/hover-d3b7735eb7c5ff8e99a2ada13fcdcb37.css
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.1.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-1-236.us-west-2.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
068f08a553f5a241399a007864a645a1832105cec42bdf407eb2af732b1da98a

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2020 14:11:02 GMT
Server
nginx/1.10.2
ETag
"5ede46f6-227"
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
551
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6450
date
Thu, 13 Aug 2020 02:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 13 Aug 2020 04:33:41 GMT
gtm.js
www.googletagmanager.com/ 		279 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a45045cbe8e5c9d10705d15dc145a519b80e668d9dd4f557a554c84b5bed135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71542
x-xss-protection
0
last-modified
Thu, 13 Aug 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Aug 2020 04:21:11 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1370166394&t=pageview&_s=1&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90808347-1&cid=381907364.1597292472&jid=350959204&_gid=2054303209.1597292472&gjid=812695530&_v=j83&z=569930878
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90808347-1&cid=381907364.1597292472&jid=350959204&_gid=2054303209.1597292472&gjid=812695530&_v=j83&z=569930878
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 13 Aug 2020 04:21:12 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90808347-1&cid=381907364.1597292472&jid=350959204&_gid=2054303209.1597292472&gjid=812695530&_v=j83&z=569930878
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 23:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102146
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 23:58:46 GMT
45f75356.min.js
tag.demandbase.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.demandbase.com/45f75356.min.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-125.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccb819063bcd5710677bf89ae2f261edc8d52b98c3a40edbd25072aac993b3ab

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
D6bBScy1.Y.kGJlAlaVAQFLNHRNyijpU
content-encoding
gzip
last-modified
Thu, 30 Jul 2020 17:48:20 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
date
Thu, 13 Aug 2020 04:21:13 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=3600
x-amz-cf-id
lop2imBEI65vt2gZsCNLpcSPNEDDewmuUc2r6k2ktPMa0Sif7lndLw==
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
js
www.google-analytics.com/gtm/ 		100 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NFCZXRB&t=gtm5&cid=381907364.1597292472&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5cabd1fd64a3bb9bf7c7d5ff82cded6f2f721ee03c3da1452a8ecf962c7d170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35069
x-xss-protection
0
expires
Thu, 13 Aug 2020 04:21:12 GMT
activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscan...
8558434.fls.doubleclick.net/ Frame 36DC
Redirect Chain
  • https://8558434.fls.doubleclick.net/activityi;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fisc...
  • https://8558434.fls.doubleclick.net/activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8558434.fls.doubleclick.net/activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8558434.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 13 Aug 2020 04:21:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
410
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Aug-2020 04:36:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 13 Aug 2020 04:21:12 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8558434.fls.doubleclick.net/activityi;dc_pre=CKDapJOql-sCFUOKdwodnH4KlA;src=8558434;type=rtrgt;cat=sitew0;ord=2022747820639;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
51874j61754.js
tracker.marinsm.com/tracker/async/ 		0
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.marinsm.com/tracker/async/51874j61754.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.124 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-124.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:51:38 GMT
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
age
77374
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=172800
x-amz-cf-pop
DUS51-C1
x-marintrackerversion
3
content-length
0
x-amz-cf-id
vRPucdXScAfI6QLjdkfXeVdXOFcFebUT1pRNrZ0zv5Wu7SICrpC_LA==
expires
Wed, 12 Aug 2020 06:54:31 GMT
collect
www.google-analytics.com/ 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1370166394&t=pageview&_s=1&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&dp=%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=266275528&gjid=313812404&cid=381907364.1597292472&tid=UA-52461231-1&_gid=2054303209.1597292472&gtm=2wg871M897H7&cd6=Not%20Set&cd9=381907364.1597292472&cd39=&cd46=Main&cd47=Not%20Set&cd49=Not%20Set&cd50=Not%20Set&cd48=Not%20Set&z=242559425
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 17:30:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39068
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&gjid=313812404&_gid=2054303209.1597292472&_u=aGDAgEADQ~&z=751956579
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&_v=j83&z=751956579
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&_v=j83&z=751956579&slf_rd=1&random=3578687182
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&_v=j83&z=751956579&slf_rd=1&random=3578687182
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=266275528&_v=j83&z=751956579&slf_rd=1&random=3578687182
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
rtp.js
abrtp1-cdn.marketo.com/rtp-api/v1/ 		151 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-158.deploy.static.akamaitechnologies.com
Software
Jetty(7.3.1.v20110307) /
Resource Hash
b2387b8ed353a0b2f27d12a53beccdb59ace299d19ff095c99d4a18f4e68eb60
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63113904
Content-Encoding
gzip
Last-Modified
Sat, 01 Aug 2020 01:36:10 GMT
Server
Jetty(7.3.1.v20110307)
Date
Thu, 13 Aug 2020 04:21:12 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
public, max-age=271
Connection
keep-alive
Content-Length
42190
ugy75sagcn73.js
js.driftt.com/include/1597292700000/ 		137 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1597292700000/ugy75sagcn73.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-25.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 11 Aug 2020 15:39:37 GMT
server
nginx
etag
W/"c0ffecccae38fb92e490ef3de88a7ffe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QaKRWNjjG_66psGTQDYpLQ16tprpDY2TT6oLemYABQ6w8_TE2a2-zw==
activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fisca...
9563899.fls.doubleclick.net/ Frame 290F
Redirect Chain
  • https://9563899.fls.doubleclick.net/activityi;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fis...
  • https://9563899.fls.doubleclick.net/activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.r...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9563899.fls.doubleclick.net/activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9563899.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 13 Aug 2020 04:21:12 GMT
expires
Thu, 13 Aug 2020 04:21:12 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
358
x-xss-protection
0
set-cookie
IDE=AHWqTUm7nZ-bplCuJeC27JjJW0exHgtCtXxS88EBEUrYfEHNFhfrA4FWkvz3uhdB; expires=Tue, 07-Sep-2021 04:21:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 13 Aug 2020 04:21:12 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9563899.fls.doubleclick.net/activityi;dc_pre=CLWIqJOql-sCFRu9dwodjfUNDw;src=9563899;type=retar0;cat=solar0;ord=3710165479019;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
munchkin.js
munchkin.marketo.net/159/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Sat, 21 Nov 2020 04:21:12 GMT
activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscan...
8558434.fls.doubleclick.net/ Frame C0EA
Redirect Chain
  • https://8558434.fls.doubleclick.net/activityi;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fisc...
  • https://8558434.fls.doubleclick.net/activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8558434.fls.doubleclick.net/activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8558434.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm7nZ-bplCuJeC27JjJW0exHgtCtXxS88EBEUrYfEHNFhfrA4FWkvz3uhdB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 13 Aug 2020 04:21:12 GMT
expires
Thu, 13 Aug 2020 04:21:12 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
699
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 13 Aug 2020 04:21:12 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8558434.fls.doubleclick.net/activityi;dc_pre=CNCVr5Oql-sCFUqKdwodBsYIRA;src=8558434;type=rtrgt;cat=sitew0;ord=8445100042668;gtm=2wg871;auiddc=1137583536.1597292472;~oref=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe'?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
visitWebPage
356-uvh-403.mktoresp.com/webevents/ 		2 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://356-uvh-403.mktoresp.com/webevents/visitWebPage?_mchNc=1597292472404&_mchCn=&_mchId=356-UVH-403&_mchTk=_mch-logicnow.com-1597292472404-13450&_mchHo=us.ri.logicnow.com&_mchPo=&_mchRu=%2Fdownload_md5%2Fiscanruntime.exe%27&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Server
akka-http/10.1.11
Transfer-Encoding
chunked
X-Request-Id
d2a86ebe-ef85-4d7b-aa9a-b56dc65c0d05
Content-Type
text/plain; charset=UTF-8
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
server
cafe
etag
5272426352805486351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Aug 2020 04:21:12 GMT
jquery.min.js
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Sep 2015 11:20:15 GMT
Server
AkamaiNetStorage
ETag
"3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
33467
jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2017 08:57:42 GMT
Server
AkamaiNetStorage
ETag
"7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3752
trw
abrtp1.marketo.com/gw1/ 		0
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://abrtp1.marketo.com/gw1/trw?aid=logicnow&trwv.uid=logicnow-1597292472662-132bccef&trwv.vc=1&trwsa.sid=logicnow-1597292472663-b9fde527&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&ma=id%3A356-UVH-403%26token%3A_mch-logicnow.com-1597292472404-13450&pm=&viewedTypes=&rts=1597292472668
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.84 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Cache-Control
no-cache
Server
Jetty(7.3.1.v20110307)
Connection
close
Content-Length
0
Strict-Transport-Security
max-age=63113904
Content-Type
application/x-javascript; charset=UTF-8
ga-integration-2.0.2.js
rtp-static.marketo.com/rtp/libs/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Jul 2018 13:42:27 GMT
Server
AkamaiNetStorage
ETag
"52b7a5deba12e7e1147fcebaa9fd9691:1530625347"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
4977
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963932844/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963932844/?random=1597292472679&cv=9&fst=1597292472679&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&tiba=MSP%20Risk%20Intel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5ae59f5bc7f29eeed058b213bfb68c9dc8f915d8f73e1131bccea4700191ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1020
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ip.json
api.company-target.com/api/v2/ 		440 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&page_title=MSP%20Risk%20Intel&key=524bd0589275d50042b5ad081de9de07&src=tag
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/45f75356.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-60.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
51f57a3c7d8a7beb3e7d75e5c9efc04404b4270688be21d6570b423731c9ffaf

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
status
200
request-id
8445e6b5-86d3-4bc2-9e82-05accbacaa61
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://us.ri.logicnow.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
YSI2GOpDT6vMYSp8T7jThckGpISbd83SnB_eiss9BEScbQ0gwTybFg==
expires
Wed, 12 Aug 2020 04:21:12 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAHaPU6-aX8AAA_StOPLDg
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHaPU6-aX8AAA_StOPLDg&verifyHash=a390b5d24eb121fbcd17872026abe4865542f02e
26 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHaPU6-aX8AAA_StOPLDg&verifyHash=a390b5d24eb121fbcd17872026abe4865542f02e
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-78.dus51.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
98ae873204ae79c2
X-Amz-Cf-Id
VSKknEkj-5zgTflJsS_mtyEQAEqfXE9dLCqKdw-eeeUMjHMAD1nx7w==

Redirect headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AAHaPU6-aX8AAA_StOPLDg&verifyHash=a390b5d24eb121fbcd17872026abe4865542f02e
Connection
keep-alive
trace-id
55b6f7595e5ca238
Content-Length
0
X-Amz-Cf-Id
1mNqNo3XA8trtvYWNABB_hqfwIk78lKmJ3WCfHVspyNkSQu_2p5WiA==
/
www.google.com/pagead/1p-user-list/963932844/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963932844/?random=1597292472679&cv=9&fst=1597291200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&tiba=MSP%20Risk%20Intel&async=1&fmt=3&is_vtc=1&random=2969882479&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963932844/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963932844/?random=1597292472679&cv=9&fst=1597291200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&tiba=MSP%20Risk%20Intel&async=1&fmt=3&is_vtc=1&random=2969882479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
msg
abrtp1.marketo.com/gw1/ 		0
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://abrtp1.marketo.com/gw1/msg?a=2&sid=logicnow-1597292472663-b9fde527&aid=logicnow&ma=id%3A356-UVH-403%26token%3A_mch-logicnow.com-1597292472404-13450&viewedTypes=&0.7796823756540037&rts=1597292472719
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.84 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Content-Encoding
gzip
Server
Jetty(7.3.1.v20110307)
Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
bat.js
bat.bing.com/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref
Ref A: 1CFFEB87774D4513AA2D3776B597177D Ref B: FRAEDGE1419 Ref C: 2020-08-13T04:21:12Z
status
200
etag
"0e0bdafab5bd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8022
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=10121
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5599451&Ver=2&mid=a5d41a9d-3c69-a15c-8411-62a2f063c9b2&sid=72d22c1b2b36c56dde80ca3311129805&vid=f94519cd5b282a67dfb8cc593c945870&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=MSP%20Risk%20Intel&p=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&r=&lt=1780&evt=pageLoad&msclkid=N&sv=1&rn=707607
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 3365BCD8ECCF4AE8884B3F214C0C4C0A Ref B: FRAEDGE1419 Ref C: 2020-08-13T04:21:12Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-custom-ui.min.js
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 12:54:21 GMT
Server
AkamaiNetStorage
ETag
"5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
35484
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10019&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&time=1597292472776
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D10019%26url%3Dhttps%253A%252F%252Fus.ri.logicnow.com%252Fdownload_md5%252Fiscanru...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10019&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&time=1597292472776&liSync=true
0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10019&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&time=1597292472776&liSync=true
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
6xc5oAq5KhZgKAWvvyoAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
status
302
content-length
0
x-li-uuid
dxtcmQq5KhZAQhlESCsAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: 1979E398646340BF91D20C3D66431059 Ref B: FRAEDGE0718 Ref C: 2020-08-13T04:21:12Z
x-frame-options
sameorigin
date
Thu, 13 Aug 2020 04:21:12 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=10019&url=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&time=1597292472776&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
jybKVb9ncLT2Ca7XGt8CZ3LjdzyztVq09f+1c9saNWGhvfroVPzc+bnBRIdGsJRFG/c7jN3G7VOMY0yF5ZQnuQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 13 Aug 2020 04:21:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
age
15443
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1958
x-served-by
cache-fra19121-FRA
last-modified
Mon, 10 Aug 2020 18:10:59 GMT
x-timer
S1597292473.839572,VS0,VE0
etag
"a4cc3f907681b24a3efd540acd5d2996+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
pixel.js
www.redditstatic.com/ads/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
last-modified
Tue, 30 Jun 2020 17:04:46 GMT
server
snooserv
etag
"85ee817cda81317b49d1d3056f6bdf95"
vary
Accept-Encoding,Origin
content-type
application/javascript
status
200
cache-control
public, max-age=60
accept-ranges
bytes
content-length
5809
via
1.1 varnish, 1.1 varnish
px.js
px.spiceworks.com/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.spiceworks.com/px.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.212 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c0793785cccba0b9e49a1b9da29623b5dd21555e20f902eba777fe417672f226

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-iinfo
5-10322822-10322823 NNYN CT(16 36 0) RT(1597292471926 0) q(0 0 0 0) r(0 0) U5
date
Thu, 13 Aug 2020 04:21:12 GMT
content-encoding
gzip
x-cdn
Incapsula
content-type
text/javascript
1250821755042858
connect.facebook.net/signals/config/ 		524 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1250821755042858?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2168ab7969cfe25409f185ad622a2ec0c78ba083fd79cf021387d8995a2e51e9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
fp1EsXDCTsfyRXh9LQM7EvRksUYCzylUK7h4opC/ITmUquJjaJbGgdafFRc64hM7Vf3OLWVv2fIwpZd3k1pu4g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 13 Aug 2020 04:21:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1370166394&t=event&ni=1&_s=1&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&dp=%2Fdownload_md5%2Fiscanruntime...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_gid=2054303209.1597292472&gjid=881366673&_v=j83&z=132711575
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_v=j83&z=132711575
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_v=j83&z=132711575&slf_rd=1&random=1230508622
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_v=j83&z=132711575&slf_rd=1&random=1230508622
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Aug 2020 04:21:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52461231-1&cid=381907364.1597292472&jid=1949932612&_v=j83&z=132711575&slf_rd=1&random=1230508622
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2k4f&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Thu, 13 Aug 2020 04:21:12 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
39cbda7df74ed093b8e109ebc54b9e38
x-transaction
00261d5b001da0d6
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nvm6o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
119
pragma
no-cache
last-modified
Thu, 13 Aug 2020 04:21:12 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
39cbda7df74ed093b8e109ebc54b9e38
x-transaction
00d0b7b9009b1e70
expires
Tue, 31 Mar 1981 05:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1597292472875&id=t2_28dw0xqy&event=PageVisit&uuid=1ad65e08-5091-4edd-ab0b-107955efb55d&s=Mczd64QzYvizkd%2BiAPq4fpuVgxzKw%2B1CqXr3NMSldzo%3D
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
retry-after
0
rp.gif
alb.reddit.com/ 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1597292472877&id=t2_28dw0xqy&event=PageVisit&uuid=1ad65e08-5091-4edd-ab0b-107955efb55d&s=PVVAqlzfJ5OsLeg1UqCCZSWk1DQk5p%2FCvXx69A%2FNEes%3D
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
retry-after
0
/
www.facebook.com/tr/ 		44 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1250821755042858&ev=PageView&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&rl=&if=false&ts=1597292472937&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597292472936.118411016&it=1597292472806&coo=false&rqm=GET
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 13 Aug 2020 04:21:12 GMT
g1z5
px.spiceworks.com/px/ 		42 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.spiceworks.com/px/g1z5?buster=901&pxref=&_fpv=2.4&_fpt=3&_fp2=b6ca21534d91f677657b33d3d012efd3
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.212 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-iinfo
5-10322827-10322828 NNNN CT(18 38 0) RT(1597292472035 0) q(0 0 0 -1) r(1 1) U5
date
Thu, 13 Aug 2020 04:21:13 GMT
x-cdn
Incapsula
content-length
42
content-type
image/gif
hotjar-837903.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-837903.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress12
Software
/
Resource Hash
065779976ab0cb0d71cdb867d661b00b7792d23fba409fb2eef90016bc1626b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjarjs
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
content-length
1731
cache-control
max-age=60
etag
W/0ccb15a26534d794f87746a2b6561545
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.017
accept-ranges
bytes
section-io-id
6454595c0c3cd78e2889a81ce5020972
section-origin-responded
true
modules.3bdaf89b2eed32b88847.js
script.hotjar.com/ 		357 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.3bdaf89b2eed32b88847.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-837903.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress15
Software
/
Resource Hash
045ef2ddf92b95a929334641e172b799a23eee73c02f38e878279bb1ea001ce8

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
br
age
67384
status
200
section-io-cache
Hit
content-length
71038
last-modified
Wed, 12 Aug 2020 09:34:55 GMT
etag
"b7f7a52d65a05dfcc4e126c6e668c4e2"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-id
c00e6e7da7f75545a341bb8296f3babf
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
55042.js
secure.leadforensics.com/js/ 		15 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.leadforensics.com/js/55042.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M897H7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4f640a1cb109bf8dd4726943737b18e3c86dc0d40652825bf1a35cf925257288

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Aug 2020 04:21:12 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, must-revalidate
Transfer-Encoding
chunked
Expires
0
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E4AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-837903.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.199 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress10
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'

Response headers

status
200
date
Thu, 13 Aug 2020 04:21:13 GMT
content-type
text/html
content-length
851
last-modified
Mon, 10 Aug 2020 17:19:54 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.029
section-origin-responded
true
age
197883
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
44d925fcc76cfad646c4938698edbbd6
visit-data
in.hotjar.com/api/v2/client/sites/837903/ 		178 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/837903/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3bdaf89b2eed32b88847.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.1.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-1-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
obtp.js
amplify.outbrain.com/cp/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c0161becb5fafacfce1ed84b0cb433d722cd05f49a9bddd970f3beda387f4ac1

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jul 2020 06:46:19 GMT
Server
AkamaiNetStorage
ETag
"0e73951387d5f29371176e76c57bc02c:1595832379.898009"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2622
Expires
Thu, 13 Aug 2020 04:41:13 GMT
pixel
tr.outbrain.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=00c70c51213ed1d8231b100873278136c6&obApiVersion=1.1&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&optOut=false&bust=07007138114833598
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Cache-Control
no-cache
Connection
close
X-TraceId
aee31509f300352e8bab0e7285a8326e
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
pixel
amplifypixel.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=00c70c51213ed1d8231b100873278136c6&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&bust=01313797577825666
Requested by
Host: us.ri.logicnow.com
URL: https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Cache-Control
no-cache
X-TraceId
4263b73c6efd956ef8d1492df66c0f86
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
msg
abrtp1.marketo.com/gw1/ 		0
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://abrtp1.marketo.com/gw1/msg?a=2&sid=logicnow-1597292472663-b9fde527&aid=logicnow&ma=id%3A356-UVH-403%26token%3A_mch-logicnow.com-1597292472404-13450&viewedTypes=&0.3794610444018849&rts=1597292473346
Requested by
Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=logicnow
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.84 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Content-Encoding
gzip
Server
Jetty(7.3.1.v20110307)
Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
visitor
abrtp1.marketo.com/gw1/rtp/api/v1_1/ 		206 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://abrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=logicnow-1597292472663-b9fde527&aid=logicnow&1597292473635
Requested by
Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.84 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
d4ebf3c82c499fcd9202af5f09889c24c43d2f638a450515a0075f1d67de9898
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Aug 2020 04:21:13 GMT
Content-Encoding
gzip
Last-Modified
Wed Aug 12 23:21:13 CDT 2020
Server
Jetty(7.3.1.v20110307)
Strict-Transport-Security
max-age=63113904
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://us.ri.logicnow.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sgm
abrtp1.marketo.com/gw1/ga/ 		48 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://abrtp1.marketo.com/gw1/ga/sgm?sid=logicnow-1597292472663-b9fde527&1597292473636
Requested by
Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.84 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 04:21:13 GMT
Server
Jetty(7.3.1.v20110307)
Strict-Transport-Security
max-age=63113904
Content-Type
text/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Length
48
adsct
analytics.twitter.com/i/ 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2k4f&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Thu, 13 Aug 2020 04:21:13 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
af55f36d12ad44df9134bde59092c16c
x-transaction
0005052c00e4a174
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nvm6o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Thu, 13 Aug 2020 04:21:13 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
af55f36d12ad44df9134bde59092c16c
x-transaction
00bc1dee00554b6b
expires
Tue, 31 Mar 1981 05:00:00 GMT
index.html
js.driftt.com/deploy/assets/ Frame 28FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1597292700000/ugy75sagcn73.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-25.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
894
server
nginx
last-modified
Tue, 11 Aug 2020 15:39:36 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Aug 2020 04:21:13 GMT
etag
"51220d09f1e4cc2b544df78bc862256a"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
9LbYO4AOjkSn1hD73VszO-xoUEwZ1D0DqFZTfK0Q9xDWAF5CObD4jg==
collect
www.google-analytics.com/ 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1370166394&t=event&ni=1&_s=2&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP&ea=Organization&el=Tefincom%20S.A.&_u=aHDACEADR~&jid=&gjid=&cid=381907364.1597292472&tid=UA-90808347-1&_gid=2054303209.1597292472&cd27=Tefincom%20S.A.&z=8184428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 17:30:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39070
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1370166394&t=event&ni=1&_s=2&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&dp=%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP&ea=Organization&el=Tefincom%20S.A.&_u=aHDACEADR~&jid=&gjid=&cid=381907364.1597292472&tid=UA-52461231-1&_gid=2054303209.1597292472&gtm=2wg871M897H7&cd51=(Non-Company%20Visitor)&cd52=(Non-Company%20Visitor)&cd53=(Non-Company%20Visitor)&cd54=(Non-Company%20Visitor)&cd55=(Non-Company%20Visitor)&cd56=(Non-Company%20Visitor)&cd57=Bot&cd58=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&cd60=Utrecht&cd61=UT&cd62=Netherlands&cd63=(Non-Company%20Visitor)&cd64=(Non-Company%20Visitor)&cd65=(Non-Company%20Visitor)&cd66=(Non-Company%20Visitor)&cd67=NL&cd68=(Non-Company%20Visitor)&cd69=(Non-Company%20Visitor)&cd70=(Non-Company%20Visitor)&cd27=Tefincom%20S.A.&z=858972344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 17:30:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39070
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1370166394&t=event&ni=1&_s=2&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&dp=%2Fdownload_md5%2Fiscanruntime.exe%27&ul=en-us&de=UTF-8&dt=MSP%20Risk%20Intel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP&ea=Organization&el=Tefincom%20S.A.&_u=aHDAiEADR~&jid=&gjid=&cid=381907364.1597292472&tid=UA-52461231-1&_gid=2054303209.1597292472&gtm=2wg871M897H7&cd6=Not%20Set&cd9=381907364.1597292472&cd39=&cd46=Main&cd47=Not%20Set&cd49=Not%20Set&cd50=Not%20Set&cd48=Not%20Set&cd27=Tefincom%20S.A.&z=1144633230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 17:30:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39070
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1250821755042858&ev=Microdata&dl=https%3A%2F%2Fus.ri.logicnow.com%2Fdownload_md5%2Fiscanruntime.exe%27&rl=&if=false&ts=1597292474440&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MSP%20Risk%20Intel%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597292472936.118411016&it=1597292472806&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://us.ri.logicnow.com/download_md5/iscanruntime.exe'
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 04:21:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 13 Aug 2020 04:21:14 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery function| $ object| html5 object| Modernizr function| yepnope function| DP_jQuery_1597292471857 object| Placeholders string| GoogleAnalyticsObject function| ga object| dataLayer undefined| csrf_token undefined| csrf_param object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe function| getCookieMaster function| setCookieMaster function| getQueryVariableMaster function| getCQValues function| isPopulated function| SimpleDTO function| minVersion function| loadJS boolean| validHost string| hostDomain string| dtp string| cl undefined| mklid undefined| DTO string| v2 function| source object| f object| s number| p object| t1 string| pName undefined| tempVal number| j string| subTempName string| subTempVal undefined| t2 string| referrerStringMaster object| currentQ object| _mTrack function| onYouTubeIframeAPIReady object| google_optimize function| rtp function| drift function| driftt function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| __core-js_shared__ object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ function| getInternetExplorerVersion function| consoleMessage function| makeGetRequest function| createCORSRequest object| ITLocalStorageAPI object| InsighteraUtil object| iiq object| ibq object| trackObj function| isCurrentSession function| addDynamicScript function| rtpRCMD object| AITag object| aiq object| AIConfig function| setButtonWidthHeight function| getDirectionForWidgetSide function| updateWidget function| initialize function| showWidgetCampaign function| hide function| injectContent function| execute function| destroy object| InsighteraWidget function| setTimeoutFunction object| exp_2_year function| loadRichMediaImage function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| __extends object| Demandbase object| __db function| DBSegment object| uetq function| UET string| _linkedin_data_partner_id function| lintrk boolean| _already_called_lintrk function| fbq function| _fbq function| twq function| rdt object| SWPX function| alignElementPosition function| applyAttributeHeightToPics function| revertAttributeHeightToPics object| twttr function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| obApi

19 Cookies

Domain/Path Name / Value
.us.ri.logicnow.com/ Name: _rdt_uuid
Value: 1597292472874.1ad65e08-5091-4edd-ab0b-107955efb55d
.logicnow.com/ Name: _gat_UA-52461231-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUm7nZ-bplCuJeC27JjJW0exHgtCtXxS88EBEUrYfEHNFhfrA4FWkvz3uhdB
.logicnow.com/ Name: _uetvid
Value: f94519cd5b282a67dfb8cc593c945870
.logicnow.com/ Name: _uetsid
Value: 72d22c1b2b36c56dde80ca3311129805
.logicnow.com/ Name: trwsa.sid
Value: logicnow-1597292472663-b9fde527%3A1
.logicnow.com/ Name: _ga
Value: GA1.2.381907364.1597292472
.logicnow.com/ Name: trwv.uid
Value: logicnow-1597292472662-132bccef%3A1
.logicnow.com/ Name: _hjid
Value: f65ce4c6-b98d-40ee-85e1-a72526c8ce0c
us.ri.logicnow.com/ Name: driftt_aid
Value: 387e7014-2f45-468c-a109-1e389070ef2d
us.ri.logicnow.com/ Name: _hjIncludedInPageviewSample
Value: 1
.logicnow.com/ Name: _fbp
Value: fb.1.1597292472936.118411016
us.ri.logicnow.com/ Name: XSRF-TOKEN
Value: khNo2c%2BM36%2FdOkDPjL8daxO8eN%2FthV4jEl%2FG2uvZJPQ%3D
.logicnow.com/ Name: _gcl_au
Value: 1.1.1137583536.1597292472
.logicnow.com/ Name: _dc_gtm_UA-52461231-1
Value: 1
.logicnow.com/ Name: _gid
Value: GA1.2.2054303209.1597292472
.logicnow.com/ Name: _mkto_trk
Value: id:356-UVH-403&token:_mch-logicnow.com-1597292472404-13450
us.ri.logicnow.com/ Name: _session_id
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWUzZWE0NTI2NzQ3OWJiYWM5YjUxZmVhYzZkZWNjZjlhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMWtoTm8yYytNMzYvZE9rRFBqTDhkYXhPOGVOL3RoVjRqRWwvRzJ1dlpKUFE9BjsARg%3D%3D--e4c362f5a536f1b0edb909af55646b3139eea2c2
.logicnow.com/ Name: _gat
Value: 1

29 Console Messages

Source Level URL
Text
console-api log (Line 8)
Message:
Current: 1.10.2; Min: 1.12.2
console-api log (Line 9)
Message:
Loading alternate JQuery as minimum is not loaded
console-api log (Line 11)
Message:
QP:
console-api log (Line 11)
Message:
C:
console-api log (Line 15)
Message:
01 Finished
console-api log (Line 2)
Message:
Set Cookie: utm_medium=website
console-api log (Line 2)
Message:
Set Cookie: utm_source=direct
console-api log (Line 2)
Message:
Set Cookie: utm_campaign=Multi-GLBL-LT-DGD-DEFATT_WebDir-2019-01-01
console-api log (Line 2)
Message:
Set Cookie: utm_content=
console-api log (Line 2)
Message:
Set Cookie: utm_term=
console-api log (Line 2)
Message:
Set Cookie: cPID=
console-api log (Line 2)
Message:
Set Cookie: mkwid=
console-api log (Line 2)
Message:
Set Cookie: cjevent=
console-api log (Line 2)
Message:
Set Cookie: cjcid=
console-api log (Line 2)
Message:
Set Cookie: cjpid=
console-api log (Line 2)
Message:
Set Cookie: OppTarget=
console-api log (Line 2)
Message:
Set Cookie: crid=
console-api log (Line 2)
Message:
Set Cookie: referrerString=false false
console-api log (Line 27)
Message:
02 Finished
console-api log (Line 1)
Message:
07 Finished
console-api log (Line 1)
Message:
08 Finished
console-api log (Line 4)
Message:
03 Finished
console-api log (Line 2)
Message:
Document Ready
console-api log (Line 1)
Message:
12 Finished
console-api log (Line 1)
Message:
14 Finished
console-api warning URL: https://www.redditstatic.com/ads/pixel.js(Line 1)
Message:
Reddit Pixel Warning:pixel has already been initialized
console-api log (Line 1)
Message:
15 Finished
console-api log (Line 1)
Message:
17 Finished
console-api log (Line 1)
Message:
18 Finished

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

356-uvh-403.mktoresp.com
8558434.fls.doubleclick.net
9563899.fls.doubleclick.net
abrtp1-cdn.marketo.com
abrtp1.marketo.com
ajax.googleapis.com
alb.reddit.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
api.company-target.com
bat.bing.com
connect.facebook.net
googleads.g.doubleclick.net
in.hotjar.com
js.driftt.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px.spiceworks.com
rtp-static.marketo.com
script.hotjar.com
secure.leadforensics.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
tr.outbrain.com
tracker.marinsm.com
us.ri.logicnow.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.109.95.62
104.111.239.158
104.244.42.5
104.244.42.67
13.226.155.124
13.226.155.125
13.226.155.25
13.226.155.60
13.226.155.78
147.75.102.199
147.75.102.203
147.75.33.229
151.101.12.157
172.217.21.198
192.28.144.124
192.28.144.84
199.232.53.140
2.18.234.190
216.58.207.66
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:815::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:820::2002
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9b
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
35.166.1.236
45.60.13.212
51.140.49.131
52.215.1.63
63.33.1.59
70.42.32.191
045ef2ddf92b95a929334641e172b799a23eee73c02f38e878279bb1ea001ce8
065779976ab0cb0d71cdb867d661b00b7792d23fba409fb2eef90016bc1626b5
068f08a553f5a241399a007864a645a1832105cec42bdf407eb2af732b1da98a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2168ab7969cfe25409f185ad622a2ec0c78ba083fd79cf021387d8995a2e51e9
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4f640a1cb109bf8dd4726943737b18e3c86dc0d40652825bf1a35cf925257288
51f57a3c7d8a7beb3e7d75e5c9efc04404b4270688be21d6570b423731c9ffaf
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
67961a127f9192e730df2fbc784f18955ca5acdcf0dc29c4462bb054c92fa8bf
7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8a45045cbe8e5c9d10705d15dc145a519b80e668d9dd4f557a554c84b5bed135
8c50c5df5126eb91d6dfeb2369aa89f6150e32fc09ceec5f85ebac26bc3fc28e
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
a886defb04adb675e3d2306fce879c6b1180af4b0e95fac50e6fa310c930b335
aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2387b8ed353a0b2f27d12a53beccdb59ace299d19ff095c99d4a18f4e68eb60
b258049c53c9f14a49a3fb5dc235e4f8de95946d647343f914c4eb7202176a82
c0161becb5fafacfce1ed84b0cb433d722cd05f49a9bddd970f3beda387f4ac1
c0793785cccba0b9e49a1b9da29623b5dd21555e20f902eba777fe417672f226
c5ae59f5bc7f29eeed058b213bfb68c9dc8f915d8f73e1131bccea4700191ae4
c5cabd1fd64a3bb9bf7c7d5ff82cded6f2f721ee03c3da1452a8ecf962c7d170
ccb819063bcd5710677bf89ae2f261edc8d52b98c3a40edbd25072aac993b3ab
d4ebf3c82c499fcd9202af5f09889c24c43d2f638a450515a0075f1d67de9898
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955