Report - chat.cummins.com/

Report Overview

URL

chat.cummins.com/
IP

217.140.13.59

ASN

#13205 British Telecommunications PLC
Submitted

2023-02-08T22:05:16Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

2
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5844	34.160.144.191
ocsp.entrust.net (1)	1208	2014-01-10T03:18:45Z	2023-03-13T05:09:58Z	340	1957	104.110.10.32
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	52.35.19.71
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3246	63921	34.120.237.76
cdn1.ashampoo.net (1)	unknown	2015-07-06T13:59:48Z	2023-03-12T10:45:48Z	287	539	54.230.111.23
r3.o.lencr.org (9)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3042	7977	23.36.77.32
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2374	35.241.9.150
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
chat.cummins.com (21)	unknown	2020-01-16T17:20:03Z	2022-08-29T19:57:18Z	10552	949280	217.140.13.59

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08T22:05:35Z	medium	54.230.111.23	Client IP	ET POLICY Executable served from Amazon S3
2023-02-08T22:05:35Z	high	54.230.111.23	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

HTTP Transactions (43)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dca68db7aea32f6683ce8d542c078f04

19c495238df74fca680e21f18627ff94de5dd2e5

35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15722
Expires: Thu, 09 Feb 2023 02:26:39 GMT
Date: Wed, 08 Feb 2023 22:04:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

565c1bbc5c1c40be1988b3bf6fd9dc1a

cfdba5bc597130461dd67bf6cda53183be592493

60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11941
Expires: Thu, 09 Feb 2023 01:23:38 GMT
Date: Wed, 08 Feb 2023 22:04:37 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

ff250d3ef3fa45322bf05039a0122a9f

b3e7a2c383bce1bab807dbe1a03c375258b51f1d

d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:34:13 GMT
content-type: application/json
age: 1824
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cc14b0d2f7c451f6431dc87ba54d1d60

bab8bfda6fa3e2f17125353f5147211787dc25d0

b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13891
Expires: Thu, 09 Feb 2023 01:56:08 GMT
Date: Wed, 08 Feb 2023 22:04:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

e76071a28ee566dababb3834f46d68ed

aebb4e68c1ba2de0f90025283e8ed8470944fde0

78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: JTziMdfiFRj4vZXshBFLOmJ0IMKHrB3hCN5wyB/RgEhgiFhvmrm8cvmkyZD0KobRBabYyCP5I+A=
x-amz-request-id: H22KQ75WNZNR4GBS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:36:06 GMT
age: 1712
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.entrust.net/

104.110.10.32

200 OK

1588

URL HTTP/1.1

ocsp.entrust.net/
IP

104.110.10.32:0
ASN

#16625 AKAMAI-AS

Magic

data

Size

1588
Hash

cebdf8fb1e0ff81173606ffe723d4932

3db41640927eca31257cbdad256eb3f1b76b8fca

be68430727c7396ab7c0aee5a8b34032283f90bd40610b70986ce9c70cd846cc

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BE68430727C7396AB7C0AEE5A8B34032283F90BD40610B70986CE9C70CD846CC"
Last-Modified: Wed, 08 Feb 2023 17:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3579
Expires: Wed, 08 Feb 2023 23:04:17 GMT
Date: Wed, 08 Feb 2023 22:04:38 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:04:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

chat.cummins.com/

Netherlands British Telecommunications PLC

217.140.13.59

200 OK

4912

URL HTTP/1.1

chat.cummins.com/
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text

Size

4912
Hash

3423d895e8939e4c6e9ad3228a6e0cb5

f873ca88a72c73c0a381120d4b2149743a6d721e

71642df52013eb685b627234b86d904a87cd8cd1eae01733448e83387000f183

HTTP Headers

                                        GET / HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 4912
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: no-cache
Content-Encoding: gzip
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Sun, 05 Jun 2022 12:21:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0;Path=/system;Secure;HttpOnly;SameSite=NONE
X-UA-Compatible: IE=EmulateIE9
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/logo_customer.png

217.140.13.59

200 OK

14699

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/logo_customer.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 135 x 65, 8-bit/color RGBA, non-interlaced\012- data

Size

14699
Hash

6699bd5d7aa8f79a4b59556a172d51f3

19f41fe0e584815ff2e3456b9c344f2b2be8c9a8

4a22802b337c19c965419bbfa91d2b7f83072b5670388be382203aab8adaace3

HTTP Headers

                                        GET /system/web/image/platform/landing/logo_customer.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 14699
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/common/jquery-ui-1.12.1/jquery-ui.min.css

217.140.13.59

200 OK

9831

URL HTTP/1.1

chat.cummins.com/system/web/common/jquery-ui-1.12.1/jquery-ui.min.css
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

ASCII text, with very long lines (29724)

Size

9831
Hash

28f5753ceb7e6517135e8a1df008e6a6

da457ae328856df9d376ad46c100794eb23b5171

ad902675a98038b2ce502bb4530c2f159e3f49f04a3040af2d6ef01eef23a5e6

HTTP Headers

                                        GET /system/web/common/jquery-ui-1.12.1/jquery-ui.min.css HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: text/css;charset=utf-8
Content-Length: 9831
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 04:44:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/common/jquery/jquery-3.4.1.min.js

217.140.13.59

200 OK

39406

URL HTTP/1.1

chat.cummins.com/system/web/common/jquery/jquery-3.4.1.min.js
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

ASCII text, with very long lines (65451)

Size

39406
Hash

95e8663f588cad82a93cf3207db15648

f066753425004fc40a3f087716e5db91d11302f9

58f9f4b7a44320ac042097fbe24ecd8e1c02d09ecd71098e57e9b06b93209b58

HTTP Headers

                                        GET /system/web/common/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 39406
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 04:45:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/logo_egain_solve.png

217.140.13.59

200 OK

3688

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/logo_egain_solve.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 135 x 65, 8-bit/color RGBA, non-interlaced\012- data

Size

3688
Hash

d9d3527f8729b29c85b7ccecb7c82551

42e684daf5e0594af4e30a2a7a4ee0f6f46fcaf4

dff389ff4e677c0537e526eaa58013ce59d60d5baf6bdd4b46f0882ad95c6a39

HTTP Headers

                                        GET /system/web/image/platform/landing/logo_egain_solve.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 3688
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/common/jquery-ui-1.12.1/jquery-ui.min.js

217.140.13.59

200 OK

90937

URL HTTP/1.1

chat.cummins.com/system/web/common/jquery-ui-1.12.1/jquery-ui.min.js
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

ASCII text, with very long lines (33326)

Size

90937
Hash

3d4854bb58d75e86303097e585c6dfad

f187f7fa459f593bf1473b7dca752639c336af72

951e9d0b79e02ca1bce2463e6099d08adbec37f1b7cde753864e8cf6c264c99a

HTTP Headers

                                        GET /system/web/common/jquery-ui-1.12.1/jquery-ui.min.js HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 04:44:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/image_consoles.png

217.140.13.59

200 OK

95041

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/image_consoles.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 416 x 200, 8-bit/color RGBA, non-interlaced\012- data

Size

95041
Hash

7778cc0ee24f99250068f32867bba044

5472fc75e732744f5c02f8f6a0a8214bb9eb6f95

89e6f805b068b46a16385ae56aaa5bba3381282cf54c464d86ab5e23a8224665

HTTP Headers

                                        GET /system/web/image/platform/landing/image_consoles.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 95041
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/image_advisor.png

217.140.13.59

200 OK

160778

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/image_advisor.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 416 x 200, 8-bit/color RGBA, non-interlaced\012- data

Size

160778
Hash

0a2cd653000fdb0b3e8662a96c351f25

3722d478174f700de25c128392bdccd87ddcba9c

e46079f6078a1e8d8a4f789bdf91289366f4e135ee0fd3c05ac8e1ccf799d44e

HTTP Headers

                                        GET /system/web/image/platform/landing/image_advisor.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 160778
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/image_system_admin.png

217.140.13.59

200 OK

101166

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/image_system_admin.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 203 x 409, 8-bit/color RGBA, non-interlaced\012- data

Size

101166
Hash

8f87105365d5518f11432cc3a6fe9dae

6693d7b180b4058fb9aea28be12661418f59b3e3

6b964fd86fd75174097a970ae364d3d0a95ce293af7339f07e9f417a6cb31d92

HTTP Headers

                                        GET /system/web/image/platform/landing/image_system_admin.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 101166
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/image_analytics.png

217.140.13.59

200 OK

108203

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/image_analytics.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 203 x 409, 8-bit/color RGBA, non-interlaced\012- data

Size

108203
Hash

7ca403f24887bbe87cb1aa751aa6247e

e0305911a33aed718d816ed1eb9c06b32f4a099d

6e4433960e33da759520bd10ebf62fec371c94deb831b74f7dff6b826ab4644b

HTTP Headers

                                        GET /system/web/image/platform/landing/image_analytics.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 108203
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/favicon.ico

217.140.13.59

404 Not Found

688

URL HTTP/1.1

chat.cummins.com/favicon.ico
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators

Size

688
Hash

90a0f10cdbe18b4e3535b9acba887180

c938ec6e5b78bb5b487e17c7f7838aac7ac7e727

8f1778080c26b06248a1e9de026acff47a6a5845194098d72e2d4299feb0f8fb

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 404 Not Found
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip

chat.cummins.com/system/web/view/platform/common/login/getlogindata.jsp?partitionId=1

217.140.13.59

200 OK

347

URL HTTP/1.1

chat.cummins.com/system/web/view/platform/common/login/getlogindata.jsp?partitionId=1
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

JSON data\012- , Unicode text, UTF-8 text, with very long lines (375), with CRLF line terminators

Size

347
Hash

13f755f4731c0a8e559a7139ed8bb269

63de1e383fca8f0d7143363b25eae64d5574973e

3bf70cf703de2c674209d7257e8eba2c0f673e0463a606fc193ae199b69ef333

HTTP Headers

                                        GET /system/web/view/platform/common/login/getlogindata.jsp?partitionId=1 HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 347
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/view/platform/common/login/getlandingpagedata.jsp

217.140.13.59

200 OK

183

URL HTTP/1.1

chat.cummins.com/system/web/view/platform/common/login/getlandingpagedata.jsp
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

JSON data\012- , ASCII text, with no line terminators

Size

183
Hash

607342c519fc5f329a6f17dafa8efad9

46e6abcee4a1bade973a28a81a9cbad16b0582b6

28de43484928075319e44c6c83abc1b78ca36627019d7c680349c61819dafc31

HTTP Headers

                                        GET /system/web/view/platform/common/login/getlandingpagedata.jsp HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 183
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/egain_solve_for_cisco.png

217.140.13.59

200 OK

1542

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/egain_solve_for_cisco.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 86 x 52, 8-bit/color RGBA, non-interlaced\012- data

Size

1542
Hash

f121691406f07acd5644d38a9aaf19b6

6dc863cd4c61d163739e2ffbaa5aa2a858809ce6

b736906ece816ce8d64c47e0e779ec05e9fded7df2f06817f9895f39ac3145b2

HTTP Headers

                                        GET /system/web/image/platform/landing/egain_solve_for_cisco.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 1542
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:14:52 GMT
age: 2986
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

chat.cummins.com/system/web/image/platform/landing/image_hosting_ece.png

217.140.13.59

200 OK

113381

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/image_hosting_ece.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 417 x 409, 8-bit/color RGBA, non-interlaced\012- data

Size

113381
Hash

7a7bf06c5e86cb7a7ce5f59f94f15639

a858d609c076d9a4a342e3d9e583a2674044061c

84762c84a18c10322f9906637a31d363c4a077a7fb34c929f79ab6e94dbd8f35

HTTP Headers

                                        GET /system/web/image/platform/landing/image_hosting_ece.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 113381
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/image_consoles_ece.png

217.140.13.59

200 OK

161885

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/image_consoles_ece.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 417 x 409, 8-bit/color RGBA, non-interlaced\012- data

Size

161885
Hash

808cabdf9ad62feff3d376b3b22cd181

8a66f7a89fe3bac172593167ee97036c27781067

e43666f08ca7aaca9753c166517ce05aaf9a4d345051cad848584cd3d0340a71

HTTP Headers

                                        GET /system/web/image/platform/landing/image_consoles_ece.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 161885
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/common/jquery-ui-1.12.1/images/ui-bg_glass_100_f6f6f6_1x400.png

217.140.13.59

200 OK

262

URL HTTP/1.1

chat.cummins.com/system/web/common/jquery-ui-1.12.1/images/ui-bg_glass_100_f6f6f6_1x400.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 1 x 400, 16-bit grayscale, non-interlaced\012- data

Size

262
Hash

5fafd6962feb215ac5c3db8340c55764

2d3c24d2b99515d4dac873586edaf14f7ca7dd9d

312c4adaf398619ec9d0d644bc334c7ae7610a11a0da186f3756396fb8ac0a12

HTTP Headers

                                        GET /system/web/common/jquery-ui-1.12.1/images/ui-bg_glass_100_f6f6f6_1x400.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/system/web/common/jquery-ui-1.12.1/jquery-ui.min.css
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 262
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:44:58 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/common/jquery-ui-1.12.1/images/ui-icons_ef8c08_256x240.png

217.140.13.59

200 OK

4549

URL HTTP/1.1

chat.cummins.com/system/web/common/jquery-ui-1.12.1/images/ui-icons_ef8c08_256x240.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 256 x 240, 8-bit colormap, non-interlaced\012- data

Size

4549
Hash

965ac4a7613203bb99e600fe6fec1b1b

ad5c981499096cc769a87e6b493f5c9ddf2aa996

554c2727b8ce2534941b079597425be134dd257437f76cb04cddc3cbd7227fb3

HTTP Headers

                                        GET /system/web/common/jquery-ui-1.12.1/images/ui-icons_ef8c08_256x240.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/system/web/common/jquery-ui-1.12.1/jquery-ui.min.css
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 4549
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:44:58 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/image/platform/landing/flags.png

217.140.13.59

200 OK

4781

URL HTTP/1.1

chat.cummins.com/system/web/image/platform/landing/flags.png
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

PNG image data, 64 x 44, 8-bit/color RGBA, non-interlaced\012- data

Size

4781
Hash

7a1fb3d82d097ac3089587ca0deb41d9

443b61469cb8d89dfdb6e1469aa473be094034a5

c6a1e7a45bd512c3b5fb7a7e01736d02b1a01540e72e697a3acd62bf41457564

HTTP Headers

                                        GET /system/web/image/platform/landing/flags.png HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: image/png;charset=utf-8
Content-Length: 4781
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:45:36 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/l10n/en/us/pl/web/common/landing.properties?_=1675893934709

217.140.13.59

200 OK

344

URL HTTP/1.1

chat.cummins.com/system/l10n/en/us/pl/web/common/landing.properties?_=1675893934709
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

ASCII text

Size

344
Hash

a3b299a55bfbefb56ef9ad99ceba11c9

5c177c7da7ddbbd2a012706f3a6e162659049a97

8a84969420b4270ef51ad692ccf9f1a7465c95bb78ac85bc8ecc9ee0128ccb04

HTTP Headers

                                        GET /system/l10n/en/us/pl/web/common/landing.properties?_=1675893934709 HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 344
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: no-cache
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 04:45:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE9
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

chat.cummins.com/system/web/apps/shared/fonts/opensanscondensed_light/OpenSans-CondLight-webfont.woff

217.140.13.59

200 OK

21760

URL HTTP/1.1

chat.cummins.com/system/web/apps/shared/fonts/opensanscondensed_light/OpenSans-CondLight-webfont.woff
IP

217.140.13.59:0
ASN

#13205 British Telecommunications PLC

Magic

Web Open Font Format, TrueType, length 21760, version 1.0\012- data

Size

21760
Hash

b01901d6892382054e8567356cb69e49

3cda10e8cf93ebccd04f344c0bef20cc5405e833

e7bc0e28df9956479610ab140343d707c44676233c0ded95b12fbec8779501cd

HTTP Headers

                                        GET /system/web/apps/shared/fonts/opensanscondensed_light/OpenSans-CondLight-webfont.woff HTTP/1.1
Host: chat.cummins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://chat.cummins.com/
Cookie: JSESSIONID=node016ff5i3bel4n218rc1zxn1hqv1522449.node0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 08 Feb 2023 22:03:41 GMT
Content-Type: application/font-woff;charset=utf-8
Content-Length: 21760
Connection: keep-alive
Cache-Control: max-age=86400,private
Pragma: cache
Last-Modified: Wed, 08 Jul 2020 04:48:58 GMT
Accept-Ranges: bytes
Accept-Encoding: compress,gzip
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=EmulateIE9, IE=EmulateIE9
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

9b88bae61bca33aba8aa99f6128db8d9

a07b61fb2458917699613fcae68710941b595416

54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Wed, 08 Feb 2023 23:23:05 GMT
Date: Wed, 08 Feb 2023 22:04:38 GMT
Connection: keep-alive

push.services.mozilla.com/

52.35.19.71

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

52.35.19.71:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bGcTRs85FH2a/moxfx0g4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NRjcaTjTiEFWlrdQPvl06QPOuvc=

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

68273225f74fbf7493f395610d7a73fc

5a8779ef5656aeeba23b365aad60b7901c5dd7fc

c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 22:04:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

68273225f74fbf7493f395610d7a73fc

5a8779ef5656aeeba23b365aad60b7901c5dd7fc

c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 22:04:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

68273225f74fbf7493f395610d7a73fc

5a8779ef5656aeeba23b365aad60b7901c5dd7fc

c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 22:04:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

68273225f74fbf7493f395610d7a73fc

5a8779ef5656aeeba23b365aad60b7901c5dd7fc

c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 22:04:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

68273225f74fbf7493f395610d7a73fc

5a8779ef5656aeeba23b365aad60b7901c5dd7fc

c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 22:04:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg

34.120.237.76

200 OK

12216

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

12216
Hash

fe800d6af728cd622a6192ad5e7dda6a

3a301dd894fc428c7d1863c9d5eaf2652f5c2083

f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BkdtaOTlwyUfTgFhatMezWVi6b7uwfZ4G-V6iQyxIGDgbt28zb132A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:50:53 GMT
age: 828
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8703

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

8703
Hash

be9f475292d4b5b0502d4381ccdf455b

ecb943b48c822b086ea699d802f8f1bb5ee26651

ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oDXgginig1GJvV9QIPvDGVumNDnOrBbrGRZSqyJ_NDRUX4XP5jxHxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:04:09 GMT
age: 32
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4961

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

4961
Hash

544181f4aba24fc687a14522dd20f720

2b117270563b8c466ec774acce55271c38f6135b

607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:47:57 GMT
age: 58604
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12772

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

12772
Hash

2bf626b824fefec1ecaceb9243f2e5ec

f222976d76d889a0cd767bfd73075ee114c531ce

3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TC5kFF-W-6W2tDvoCEHi9opfid8-g5RHD6R22zYTpB_Rz-HsyGxR5A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:54:52 GMT
age: 589
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10328

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10328
Hash

1d2eccb9280b851aa1725df5681f6bbd

b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5

c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pNBF_lBtNmvVWQAnBxCp0e03pdV_rbGOf9V1UvqeRO2vcZR3_lSE2w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:55:31 GMT
age: 550
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8629

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

8629
Hash

02fde25be5ded120af759d19d8304f73

8d2a4d9ab5947113ce0737d4d4bed3e30a971026

7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:52:22 GMT
age: 739
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn1.ashampoo.net/ashampoo/0638/ashampoo_office_2016_2016.741_sm.exe

54.230.111.23

200 OK

URL HTTP/1.1

cdn1.ashampoo.net/ashampoo/0638/ashampoo_office_2016_2016.741_sm.exe
IP

54.230.111.23:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY Executable served from Amazon S3
suricata	high	ET POLICY PE EXE or DLL Windows file download HTTP

HTTP Headers

                                        GET /ashampoo/0638/ashampoo_office_2016_2016.741_sm.exe HTTP/1.1
Host: cdn1.ashampoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                        HTTP/1.1 200 OK
Content-Type: application/x-msdos-program
Content-Length: 132089376
Connection: keep-alive
Date: Wed, 08 Feb 2023 22:03:38 GMT
Last-Modified: Mon, 19 Jun 2017 13:50:47 GMT
ETag: "a5e6d0c8ea0e9b53addd3ec857d62fc8-16"
Cache-Control: max-age=2592000,public,must-revalidate
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OMYMx1DMsqJg84LjQ8zb6Qwqiz9zHWT6UtIn7KjA07IqmLjvN-oI4w==
Age: 62

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

#1 JS:Script (size: 88145)

#2 JS:Script (size: 253668)

#3 JS:Script (size: 6725)

#4 JS:Script (size: 473)

HTTP Transactions (43)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP