www.otorio.com Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1V...
Effective URL:
https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=ema...
Submission: On February 06 via api (February 6th 2023, 1:59:09 pm UTC) from IE — Scanned from DE

Summary HTTP 97 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 34 domains to perform 97 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.otorio.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 20th 2022. Valid for: a year.

This is the only time www.otorio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::ac40:962d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 31	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2600:9000:20e... 2600:9000:20eb:4a00:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:32f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:bc00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.189.122 13.224.189.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	18.66.122.107 18.66.122.107	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.220.64.134 54.220.64.134	16509 (AMAZON-02) (AMAZON-02)
97	42

2 2606:4700:4400::ac40:962d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

czd8v04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a06:98c1:3121::c (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.otorio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

otorio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4a00:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:32f5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:bc00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-122.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-107.fra60.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.64.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-64-134.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	otorio.com 4 redirects www.otorio.com otorio.com	3 MB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	128 KB
5	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 2937 track.hubspot.com — Cisco Umbrella Rank: 2152	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5986	778 B
4	google.com www.google.com — Cisco Umbrella Rank: 2	778 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 620 script.hotjar.com — Cisco Umbrella Rank: 815 vars.hotjar.com — Cisco Umbrella Rank: 855 in.hotjar.com — Cisco Umbrella Rank: 1661	73 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	4 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 3843 forms-na1.hsforms.com — Cisco Umbrella Rank: 6017	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 13341 tr.lfeeder.com — Cisco Umbrella Rank: 19939	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	137 KB
2	hubspotlinks.com 1 redirects czd8v04.na1.hubspotlinks.com	4 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3237	878 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	376 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 623	395 B
1	t.co t.co — Cisco Umbrella Rank: 531	377 B
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4350	25 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2004	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4028	87 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2011	63 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2974	3 KB
1	powr.io www.powr.io — Cisco Umbrella Rank: 12885	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 625	15 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4504	2 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1669
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 630	304 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2109	963 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 5772	159 KB
97	34

	Domain	Requested by
31	www.otorio.com	4 redirects czd8v04.na1.hubspotlinks.com www.otorio.com
8	cdn.cookielaw.org	www.otorio.com cdn.cookielaw.org
4	www.google.de	www.otorio.com
4	www.google.com	www.otorio.com
4	otorio.com	www.otorio.com
3	track.hubspot.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	forms.hsforms.com	js.hsforms.net www.otorio.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	www.facebook.com	www.otorio.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	czd8v04.na1.hubspotlinks.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.otorio.com
2	czd8v04.na1.hubspotlinks.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	api.hubapi.com	js.hsadspixel.net
1	tr.lfeeder.com	www.otorio.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.otorio.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	www.otorio.com
1	t.co	www.otorio.com
1	forms-na1.hsforms.com	www.otorio.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	www.powr.io	www.otorio.com
1	sc.lfeeder.com	czd8v04.na1.hubspotlinks.com
1	static.ads-twitter.com	czd8v04.na1.hubspotlinks.com
1	ws.zoominfo.com	czd8v04.na1.hubspotlinks.com
1	script.crazyegg.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	www.otorio.com
1	js.hs-scripts.com	www.otorio.com
1	js.hsforms.net	www.otorio.com
97	44

This site contains links to these domains. Also see Links.

Domain
go.otorio.com
partners.otorio.com
twitter.com
www.facebook.com
telegram.me
www.linkedin.com
support.industry.siemens.com
www.cisa.gov
cert-portal.siemens.com
forms.clickup.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-20` - `2023-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-04-21` - `2023-04-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-15` - `2023-02-13`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.lfeeder.com Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Frame ID: 3E73C3CABADF36C7EAFBCB68E3AE0856
Requests: 97 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: C35B421F88A93BB43ACD0212F2189E3B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OTORIO Research Team Uncovers RCE affecting Siemens Servers Including PCS 7Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7C... Page URL
http://czd8v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8G... HTTP 307
https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-p... Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

97
Requests

94 %
HTTPS

79 %
IPv6

34
Domains

44
Subdomains

42
IPs

5
Countries

4277 kB
Transfer

7322 kB
Size

33
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://go.otorio.com/gigaom-analyst-report
Title: GET THE REPORT

Search URL Search Domain Scan URL

URL: https://partners.otorio.com/
Title: Partner Log-In

Search URL Search Domain Scan URL

URL: https://go.otorio.com/become-an-otorio-partner
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://go.otorio.com/request-a-demo
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/&text=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/&title=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&source=otorio.com

Search URL Search Domain Scan URL

URL: https://support.industry.siemens.com/cs/ww/en/view/114358/
Title: https://support.industry.siemens.com/cs/ww/en/view/114358/

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-10
Title: https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-10

Search URL Search Domain Scan URL

URL: https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf
Title: https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf

Search URL Search Domain Scan URL

URL: https://forms.clickup.com/3743615/f/3j7vz-13222/XZMRG0SY67RV3XYGUK
Title: Security Contact

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1 Page URL
http://czd8v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1?_ud=8c634dcf-2b63-41b7-ad4b-9de27525317c&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.otorio.com/fonts/ProximaNova-Black.woff2 HTTP 301
https://otorio.com/fonts/proximanova-black.woff2

Request Chain 5

https://www.otorio.com/fonts/ProximaNova-Bold.woff2 HTTP 301
https://otorio.com/fonts/proximanova-bold.woff2

Request Chain 11

https://www.otorio.com/images/flag_US.png HTTP 301
https://otorio.com/images/flag_us.png

Request Chain 33

https://www.otorio.com/fonts/ProximaNova-Regular.woff2 HTTP 301
https://otorio.com/fonts/proximanova-regular.woff2

Request Chain 67

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2287769%26time%3D1675691940903%26url%3Dhttps%253A%252F%252Fwww.otorio.com%252Fblog%252Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%252F%253Futm_medium%253Demail%2526_hsmi%253D244301761%2526_hsenc%253Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%2526utm_content%253D244301761%2526utm_source%253Dhs_email%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tm=gtmv2&liSync=true&e_ipv6=AQL78HT31YIg4gAAAYYnBd6ZSLOX47WlSphVvYOVO_dfJqXJfjdWB3sNe_0e-9QzZ_sDbSEX80YO

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H...
czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/ 8 KB
3 KB 256ms
217ms Document
text/html 2606:4700:4400::ac40:962d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:962d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: false
CF-Cache-Status: DYNAMIC
CF-RAY: 7954675c8d945b50-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Feb 2023 13:58:59 GMT
Referrer-Policy: no-referrer
Server: cloudflare
Transfer-Encoding: chunked
Vary: origin
X-HubSpot-Correlation-Id: 695dd367-7142-4675-8531-fd9ced355ac7
X-Robots-Tag: none

GET
H2

200

Primary Request / Show response
www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/
Redirect Chain

http://czd8v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW...
https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fs...

58 KB
12 KB

371ms
99ms

Document
text/html

2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email

Requested by

Host: czd8v04.na1.hubspotlinks.com
URL: http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d34265809a18cc2f39ed20530028e73d746b7042573bc7bd4107892e68f739

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=1000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 79546760a88768f8-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 06 Feb 2023 13:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDwStPIwankgmgCHbS3XvHpS%2BrJU8K3Sz8eTaDMv2loNxxtPcWM4HNLxWvqh7Qk%2FNL3cC8kWDDqI%2BvLtHTbQBRULYsyHgmtrBxfnRZcwsNKkVge9gZ9fiPcv4hd2XNyNNJMUKxjNpWevjmqojg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: false
CF-Cache-Status: DYNAMIC
CF-RAY: 7954675e1edb5b50-FRA
Connection: keep-alive
Date: Mon, 06 Feb 2023 13:58:59 GMT
Link: <https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email>; rel="canonical"
Location: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Referrer-Policy: no-referrer
Server: cloudflare
Transfer-Encoding: chunked
Vary: origin
X-HubSpot-Correlation-Id: 8cb02389-074a-41de-a3b6-da5322501f53
X-Robots-Tag: none

GET
H2 200 F9qfAf8o3TkdM_h4GECJqC0JDsI.js Show response
www.otorio.com/cdn-cgi/apps/head/ 4 KB
2 KB 34ms
32ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.otorio.com/cdn-cgi/apps/head/F9qfAf8o3TkdM_h4GECJqC0JDsI.js
Requested by: Host: www.otorio.com
URL: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd2119d79f7a572d46617b414ef2235677d8f6cf450b6af06f52bd8d9385cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
x-amz-version-id: RNdlt4TRnEEeaGrMd.TH5wumTwrQ2YOj
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EEDRW13JNBZM17Z6
age: 157098
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pnLCqWk4nYwEoksBkdtrO61Q9/NgAzSzrV9BDi5EzwiKtyDIph3qBPuiyh0rJIXIt4EZxCEZJRo=
last-modified: Wed, 27 Jan 2021 08:00:26 GMT
server: cloudflare
etag: W/"c5934d867d872c93d2658422ceed6802"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Zj9pevSZOCFeQpbzQkV7IgQeLk5Zk7PBQB00EGRHSEyvissr3pXXxMKIyDHRpBP6Ek8mywz4GHwOENZsfJMu0UzNXXxMWJsY2xmCiiAYchMQB209Oa4Q2ZiFAuxdhZu5S07DUBjqjxB7KnFwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 79546761594168f8-FRA

GET
H2 200 la-solid-900.woff2
www.otorio.com/fonts/ 94 KB
95 KB 39ms
38ms Font
application/x-font-woff2 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/fonts/la-solid-900.woff2

Requested by

Host: www.otorio.com
URL: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Origin: https://www.otorio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4040
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96752
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 08:33:53 GMT
server: cloudflare
etag: "f4691889f3c6d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FsmVVil%2BJ0zSsVMGCO0nTIvJ%2F%2BhNAKL5qb%2Bu%2FGpGBMFlx1Hod9ZRdqBxAF4PiQXiP3%2Fii%2FHdqJJV4BoF%2F0NVrXsVjKyP4uvm%2FjVo%2BpasEwmGrEaxprkh%2FGluwHV3WyvO44TYOs5ZwWywuOcFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546761594768f8-FRA
access-control-allow-headers: Content-Type

GET
H2

200

proximanova-black.woff2
otorio.com/fonts/
Redirect Chain

https://www.otorio.com/fonts/ProximaNova-Black.woff2
https://otorio.com/fonts/proximanova-black.woff2

37 KB
38 KB

121ms
52ms

Font
application/x-font-woff2

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otorio.com/fonts/proximanova-black.woff2

Requested by

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

267d7f4aad18bd4360cdc3139c9e4a3697cd81ee504c33a3cbd457a17f648331

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7025
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38068
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 08:33:56 GMT
server: cloudflare
etag: "9ca1eb8af3c6d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EchwRkd0N7OzpjoW2ZG41BHk2nJ8HMRhib%2BJ%2FGz60eZQ%2FlSWxFMgVPVlnA7jYSWmcrELUhMonmfZcCjM2xhMvhhlEMO6pr%2FdfPWPFO9JBoURbsQaqzz66%2FTcl0bWvQp3xYhXnOT6V5a8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467621ac390ef-FRA
access-control-allow-headers: Content-Type

Redirect headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=1000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
location: https://otorio.com/fonts/proximanova-black.woff2
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5x8EPpZ1HwRCcf2d%2B42LflOBc%2BZu%2FlVIiqrXVo0RC8e7T3wr%2FjNPjKr%2FGUz6ovwlxPD8JbWqImlU19Ctp97ejB%2FIEmOPyGKWqrMv%2Fo4lysivLD8JRpfc8C%2F8OuV%2B%2B6FPMVQNA3mvwr4IpExGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 79546761594868f8-FRA
access-control-allow-headers: Content-Type

GET
H2 200 fontawesome-webfont.woff2
www.otorio.com/fonts/ 75 KB
76 KB 54ms
53ms Font
application/x-font-woff2 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Origin: https://www.otorio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4040
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 08:33:24 GMT
server: cloudflare
etag: "87731478f3c6d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7v3%2F7ABgrk7OT2IDlTQSD3W3CnRwwN%2FBz64Vuppeb73OQdAt%2BcBihu35DwcKYKYigTOQZGL2AdOut0HfL5k1D2AOVSzAXHuHEOg6K6bDEcRwW%2FdLFhh%2B3N6BUFmjkpxQIriCkwgVZtFkHCZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546761594968f8-FRA
access-control-allow-headers: Content-Type

GET
H2

200

proximanova-bold.woff2
otorio.com/fonts/
Redirect Chain

https://www.otorio.com/fonts/ProximaNova-Bold.woff2
https://otorio.com/fonts/proximanova-bold.woff2

38 KB
39 KB

129ms
72ms

Font
application/x-font-woff2

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otorio.com/fonts/proximanova-bold.woff2

Requested by

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ce2d9e77b4f63b76112632a315f5076c87fd19f89c71e46097a206a1d3f2af7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7026
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39344
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 08:33:57 GMT
server: cloudflare
etag: "8eaf868bf3c6d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2F91dSPV73LsZy%2FBgerNi6Q1Y43Bzs%2FRhKdWJA%2BAGTPh35%2BaINvq5KfGrP3j%2BeS84SAT9PZA9BULop5DLaQ97N%2BFKtdQGJ%2BfKD7Mcc%2BrNRYR5p8fNysZFctMIIonqy83CGawO2KhEUJI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467621ac490ef-FRA
access-control-allow-headers: Content-Type

Redirect headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=1000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
location: https://otorio.com/fonts/proximanova-bold.woff2
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2dRA4NhgUb2oRUwM5ntewtPZLePhL7aUdeE0yIu3m6VqtPf1GLG7oHIBNvNeFErgsw8vI2DPJENcpCsroIw1kdcYZ23XM5vbn3r43sfv1W82koM9KultpDfiUlJNJhZtJfYDY636s3E2gnXfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 79546761594b68f8-FRA
access-control-allow-headers: Content-Type

GET
H2 200 Pri.css
www.otorio.com/css/ 6 KB
930 B 49ms
48ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/css/Pri.css?v=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ccf5f603bdbcf9f167c247a4aa221933b1623a4ca46c604bec84ed8bbd583910

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6795
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Jul 2022 08:18:33 GMT
server: cloudflare
etag: W/"4ae09afb1091d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IAGzRcM3mkK94FZnx409a%2BJYkICzEpryZuNsvaAb6qzVDPyXEzIleCZgwRTD2cQPCDpCpeNGlXPYzr6%2B8qfknz9CwzVq4TjECGA%2BjxRlbQb6YI0a%2FzPJJJ62sn9wCknEJs5sCjPPInYkmN5vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-ray: 79546761594468f8-FRA
access-control-allow-headers: Content-Type

GET
H2 200 DependencyHandler.axd
www.otorio.com/ 423 KB
71 KB 75ms
75ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/DependencyHandler.axd?s=L2Nzcy9ib290c3RyYXAtbmV3LmNzczsvY3NzL2ZvbnQtYXdlc29tZS5taW4uY3NzOy9jc3MvbGluZS1hd2Vzb21lLmNzczsvY3NzL293bC5jYXJvdXNlbC5taW4uY3NzOy9jc3Mvc2xpY2suY3NzOy9jc3Mvc2xpY2stdGhlbWUuY3NzOy9jc3MvTmV3U3R5bGUuY3NzOw&t=Css&cdv=222636577

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

92d6b57d3abb62fd12aeb475c63888fc339932b03906714d4da08f4a90d1ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 13:58:44 GMT
server: cloudflare
etag: W/"e329876203c7e82ee63be553587a3754"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyjDrDpdB0c8sRMtBxbTswpiw8YLO2GHqaNxYKREmJbKSwvC5FFRB%2FHL4%2F3TNlKJJupGP9%2B6hVGPV1zdus3GB%2FWj9RpDC1h8hP1URreKqZUWpwzSYNMVQ0iHCFImOOK48AwRAwC6X%2BanOQ5yaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, must-revalidate, proxy-revalidate, max-age=863984, s-maxage=863984
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-ray: 79546761594568f8-FRA
access-control-allow-headers: Content-Type
expires: Thu, 16 Feb 2023 13:58:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 98ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-754075056

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c5b93e78e74b7650e243fbdbfc3dad90d277b38dc0faadd80b3f2e2f24fe5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50681
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 13:59:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 77ms
32ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 52542
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:36 GMT
server: cloudflare
etag: 0x8DB05221689032C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a8b6a68-201e-0101-2064-379f4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 795467619c4168eb-FRA

GET
H3 200 otorio_logo.svg
www.otorio.com/media/sb0hl42k/ 15 KB
12 KB 52ms
50ms Image
image/svg+xml 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/sb0hl42k/otorio_logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8c84e2048ef6fd24c8bf1dfdeb80b5a03493cab8cf65f4f571470d08373957bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2450
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 08:43:55 GMT
server: cloudflare
etag: W/"80978fb48fad61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5c58CFlF31drpWU1C%2BTN9hImESCSJfJ9pRg5rx0U3HVmvhz1Emw1mfofgIZZhdMD7jkicbHYDx8Ehf1lehkihrRJ74C%2BMAkAwSeN6wd3b4BR%2F2T7NkLi2kRgaMJs0KYHYGFCyQSL1hNOjMxMgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-ray: 795467636e30913d-FRA
access-control-allow-headers: Content-Type

GET
H3

200

flag_us.png
otorio.com/images/
Redirect Chain

https://www.otorio.com/images/flag_US.png
https://otorio.com/images/flag_us.png

4 KB
5 KB

82ms
56ms

Image
image/png

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otorio.com/images/flag_us.png

Requested by

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3cef07414614164522c20cbf03d05bab560c789255a217809cba07349031cfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2477
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4214
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 11:25:05 GMT
server: cloudflare
etag: "9c44a993d5e8d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlqsCSiUmvO8bSb0EjUWVO7J3i81vKInNTkBdxTOFOxcavG7MsbkHISC3h%2FdqDkPYEOASzEOXijV9eppFBubYOw6JUklYor8KG6teukjciXG%2FUw6EF7GiXAlbLTyNR1ucEnObE6lmG7F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467643e6b372e-FRA
access-control-allow-headers: Content-Type

Redirect headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=1000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
location: https://otorio.com/images/flag_us.png
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPSzVtxBtC5DFoO%2BTJr8i%2BcxfwJ%2FpkmIM1Q%2BeGgvJeEWz%2BDZ%2FTktF01zBV393X51Kwuycv4xgPqYbGESwVMO11eBsU6C%2BYjnbCSb%2FSk0Ovf3wiY48ywrQmTM2PwCcnLErNc249OIK9%2FWgxvt5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 795467636e33913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 flag_germany.png
www.otorio.com/images/ 728 B
1 KB 101ms
99ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/images/flag_germany.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

44e424ea8874e320aea345f0c6437a67d2b976bdff8a92d1626a9463806dc351

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 895
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 728
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 09:57:44 GMT
server: cloudflare
etag: "ea0605fc9e8d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4K7noek%2B3RJq%2BCP1Bviy1KAiqwBFU2rBRwQDepo1nL4fbyqDj8ooF8XUWDTnxwkGkY748kL3o7tbtQF0%2B7HxXuYtXYQB8GS5pbICFmdu8j%2BjsZELyCXW1ymWT8g24tWRQophRwY9uF5t0V9zw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e37913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 icon-Telegram.png
www.otorio.com/images/ 2 KB
2 KB 101ms
99ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/images/icon-Telegram.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

152c3c58ea569b7fffff677816c6b08519a96bac7e6120418b6cab5642edf9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1936
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Dec 2020 06:43:50 GMT
server: cloudflare
etag: "a44517be4d1d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOpvQ7WQlJ5J08q1P3n3NZSSKNAK%2F0gpRsMY%2BoJf20wuYsLLiB9Bg5gtyRMWppNk1M84HWjWhnfxh%2FYljdLfXmh9%2FIB05NB6SKG%2Fq0OVZ2DYgoAdayqlAURLAmq6YegLSMc4Twe91oL4DIRU%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e3a913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 siemens-logo-500-x-150-px.png
www.otorio.com/media/uwpmhbny/ 53 KB
53 KB 102ms
100ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/uwpmhbny/siemens-logo-500-x-150-px.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0d42f3ca93d72e086ed82979a21af2b783b32a20e4fd03891874fd672a7afc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53838
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 07:50:32 GMT
server: cloudflare
etag: "1e5a43b0ff39d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WBb%2Bv0ceO7XyRdPWr4W2BbqvjAJQCDhqcWXLPoLaGVFSLJabMSVUGKexa9aT%2F3upnoeMKvkFlwc6tTiWbBnlk3RC33ybOpTupdz6DtqRLsUCXf%2FsIAn%2F3YtcLiubFpwIFfuy7MJVaqxxb5j1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e3b913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 alm1.png
www.otorio.com/media/jsshvxla/ 36 KB
36 KB 127ms
125ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/jsshvxla/alm1.png?width=600&height=450&mode=max

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

594c2cc207de9b07040a161a8da954e793bc2fb7674921cf72e3dac86574c6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36418
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 07:51:42 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
etag: "8eab54daff39d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKFKxmxHaJx5%2BlayfX6PiS3bHHoZ4IsWniXAxsZcNXTERdcPtCGVT6w8DGXWRDzQahjyuTEqreghfC4A2lHiPdI3x46K128iNXLbh6VuzTdE3Gf98a6t8u3A42WPs3kz4uJ5ncfmlbd0A2Damg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e40913d-FRA
access-control-allow-headers: Content-Type
expires: Mon, 13 Feb 2023 13:53:18 GMT

GET
H3 200 alm2.png
www.otorio.com/media/iadnl021/ 36 KB
37 KB 77ms
75ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/iadnl021/alm2.png?width=600&height=452&mode=max

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cd5acbc4152370e1e9493d2a39847f6f924b9d1fc7a2b850549863dbc683d348

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36749
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 07:51:42 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
etag: "8eab54daff39d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unKUVhqRD7fyhyYLfQh%2Fc01D9ArWP5YE8hZEcYUDQqIzYiu%2BbiMgG8WBlxQ2pGVa7CQefSlE3EF9IyVkP7LtILtVD0qFS26%2FDb%2B3zeYnEmVi0%2BxM6Q3%2BZ6tIE%2FuxCVcJry2fiNcJA5K52JP0WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e41913d-FRA
access-control-allow-headers: Content-Type
expires: Mon, 13 Feb 2023 13:18:11 GMT

GET
H3 200 alm3.jpg
www.otorio.com/media/n1fcglin/ 74 KB
75 KB 157ms
155ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/n1fcglin/alm3.jpg?width=600&height=639&mode=max

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

60145ce597ae4d9805d0dce0ae3120a673a7e832b84fd91f49ee4c84599532bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76130
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 07:51:42 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
etag: "97ab35daff39d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfyaSjVE%2FjYnEKax9TXJ1lzPG0J7YJvzFGMiBuBAhWwGjE2OUhj6hMZgSevxDGeXYGZC6kF6yDkmV51c%2BZ8I2hYk7mqskohCFJEGnmtmkFONSnLPbmyQ0UCnvHRXPEGjM8F22FTvxBmVj8K6tA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e45913d-FRA
access-control-allow-headers: Content-Type
expires: Mon, 13 Feb 2023 13:53:18 GMT

GET
H3 200 image4.jpg
www.otorio.com/media/yefe3yvv/ 60 KB
61 KB 169ms
167ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/yefe3yvv/image4.jpg?width=600&height=553&mode=max

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

217bc8046f2ad2437f3e6396200ccbd6a7147a06ea78f554d8251f8bffeaf18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61534
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 07:54:30 GMT
server: cloudflare
imageprocessedby: ImageProcessor/2.7.0.100 - ImageProcessor.Web/4.10.0.100
etag: "ca4343e03ad91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9CGrZQTvbcKiy56vdN0ErbdQLoGGIC0kR01wBWzYdEiZd%2Bzq6EldicfZz6QkrpRKcoB2bGOfZSFvldvsOLDAAgE9hU4lVJSbm1EwEyMgTFUf1bgDKfrlBUT1hiBNnh0wKu7vzmUKT7mMi2pdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e48913d-FRA
access-control-allow-headers: Content-Type
expires: Mon, 13 Feb 2023 13:53:18 GMT

GET
H3 200 siemens-alm-avoid-rce.png
www.otorio.com/media/vq1d53b0/ 10 KB
11 KB 183ms
182ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/vq1d53b0/siemens-alm-avoid-rce.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2880039850f22d37c9736d8aaeccd71b5c142f81f1d448a8cc6a0b6037eea10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10339
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 07:06:59 GMT
server: cloudflare
etag: "cf73c39af939d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwpS9mZsp%2BmB0ECB24uF1z6hbsDemF8np89TapKhsyyr44hK5DfEAGA9ck%2FU63JAnq9sSUzjpPTxxcShLBoim3MJRnYo5ds9p%2FDlN8llEo8pQ2%2BHi4oRpJtpbPrsUlswlPZD93KYjLNq%2F65kVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467636e4a913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 email-decode.min.js Show response
www.otorio.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63dd3cba-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nothhi6BjBw%2FWiGRrJ6lp%2FaD2rOMsnbaQIxzVMLmwd58MyrCYKdDfwAiCVB%2FEmidH5RMyCVihKJy%2Fwnq9EiNWAjKfIgTZOqihCblMEZrZ3x0s9YNQa3yizQhgxhZNR9NkQ6YF%2B0rYMt9d50UqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 795467629d01913d-FRA
expires: Wed, 08 Feb 2023 13:59:00 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 505 KB
159 KB 98ms
44ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
x-amz-version-id: JAvvLYrbAadG1K4h0HWbN.C2V4PipDw0
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 594
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2642/bundles/project-v2.js&cfRay=795458e1bd183813-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 10:10:35 UTC
server: cloudflare
etag: W/"bc37deecb11dd26ba785db0381926c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93s%2FsAh%2BJXPj4MUv22wWTkGTolaXfbYl%2BIOQhDH19kl2X%2FLqRFnudMLZ1iSa314KqNi%2FcvG7RpF%2FNL887nJGS43sss9X6dDAN%2FBCv0Gdpzs8a8C16dEeyFd9JQwfktELfioZX5BXqB1vbUCk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 795467637c553832-FRA
x-amz-cf-id: x-BMihwQXeyjmr2k69GjehbxRCmbhe0v7bQVQRGHrCbLopvLDJbkfA==
x-hs-target-asset: forms-embed/static-1.2642/bundles/project-v2.js

GET
H2 200 8127371.js Show response
js.hs-scripts.com/ 2 KB
963 B 211ms
138ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8127371.js
Requested by: Host: www.otorio.com
URL: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b933d54728e11f601ca3b7ea077ca81685ab075ef24aa71f345e1abe3256ab65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 06 Feb 2023 13:17:39 GMT
server: cloudflare
x-hubspot-correlation-id: 155112cb-bf03-4b2b-8910-6ccc4e61b31f
x-trace: 2BEA06A541CFA5F95DD397143566E29F41EE91F7D9000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.otorio.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 79546763da722c01-FRA
expires: Mon, 06 Feb 2023 14:00:00 GMT

GET
H3 200 DependencyHandler.axd Show response
www.otorio.com/ 372 KB
101 KB 118ms
117ms Script
application/x-javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otorio.com/DependencyHandler.axd?s=L3NjcmlwdHMvanF1ZXJ5LTIuMi40Lm1pbi5qczsvc2NyaXB0cy9wb3BwZXIubWluLmpzOy9zY3JpcHRzL2Jvb3RzdHJhcC5qczsvc2NyaXB0cy9vd2wtY2Fyb3VzZWwubWluLmpzOy9zY3JpcHRzL3NsaWNrLmpzOy9zY3JpcHRzL3dvdy5qczsvc2NyaXB0cy9zaW1wbGVQYXJhbGxheC5taW4uanM7L3NjcmlwdHMvY3VzdG9tLmpzOy9zY3JpcHRzL2xhenlzaXplcy5qczsvQXBwX1BsdWdpbnMvZm9ybXVsYXRlL3Jlc3BvbnNpdmUucGxhaW4tamF2YXNjcmlwdC5qczsvc2NyaXB0cy9jdXN0b20tZm9ybXVsYXRlLXNjcmlwdC5qczs&t=Javascript&cdv=222636577

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aba9657fa252d1d324691bd6f3cf82e8e4d857523ad616a40d836178c18d592c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 13:58:44 GMT
server: cloudflare
etag: W/"a30ee5649d2cd858356cad9df973c642"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Flav4DTJvaAusVnVfUhIJX1t%2BB%2Bw3RuxmbV47%2B2t26x5qmpO6kC9CXVTydMUjHxvY6bAR64EypyP7iZLXL6ncpjwxMTjMBJ6YrXytAKYBtkZuWV%2FzPFoTxMIW8UBTeJeL7N8OogZJJYftOPshg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, must-revalidate, proxy-revalidate, max-age=863984, s-maxage=863984
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-ray: 795467635e14913d-FRA
access-control-allow-headers: Content-Type
expires: Thu, 16 Feb 2023 13:58:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 251ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.otorio.com
URL: https://www.otorio.com/css/Pri.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:26:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 13:59:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
87 KB 124ms
74ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98d0c2891cc4704d01c9f548a2fa2357d57dd3f464eafd0d9a801ee8b813ce4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89257
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 13:59:00 GMT

GET
H2 200 050344df-2876-495e-a222-14965ed0a1cb.json Show response
cdn.cookielaw.org/consent/050344df-2876-495e-a222-14965ed0a1cb/ 4 KB
2 KB 97ms
48ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/050344df-2876-495e-a222-14965ed0a1cb/050344df-2876-495e-a222-14965ed0a1cb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af58688819fffabef98aa534302c506ed9d44441310d82462e0573782d96f138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: b+K3Z3odTgEeOPigpqAx2g==
age: 15239
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1619
x-ms-lease-status: unlocked
last-modified: Wed, 15 Jun 2022 10:31:23 GMT
server: cloudflare
etag: 0x8DA4EBA31EE610C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 69df5266-401e-0073-36bc-80a825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79546763ac943738-FRA
expires: Tue, 07 Feb 2023 13:59:00 GMT

GET
H3 200 menu-arrow.png
www.otorio.com/images/ 1 KB
2 KB 164ms
164ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/images/menu-arrow.png

Requested by

Host: www.otorio.com
URL: https://www.otorio.com/DependencyHandler.axd?s=L2Nzcy9ib290c3RyYXAtbmV3LmNzczsvY3NzL2ZvbnQtYXdlc29tZS5taW4uY3NzOy9jc3MvbGluZS1hd2Vzb21lLmNzczsvY3NzL293bC5jYXJvdXNlbC5taW4uY3NzOy9jc3Mvc2xpY2suY3NzOy9jc3Mvc2xpY2stdGhlbWUuY3NzOy9jc3MvTmV3U3R5bGUuY3NzOw&t=Css&cdv=222636577

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0ce9dd3e37ad0c9b7ca2fe51421180110c5e69e10533215e61a8abd71d911da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/DependencyHandler.axd?s=L2Nzcy9ib290c3RyYXAtbmV3LmNzczsvY3NzL2ZvbnQtYXdlc29tZS5taW4uY3NzOy9jc3MvbGluZS1hd2Vzb21lLmNzczsvY3NzL293bC5jYXJvdXNlbC5taW4uY3NzOy9jc3Mvc2xpY2suY3NzOy9jc3Mvc2xpY2stdGhlbWUuY3NzOy9jc3MvTmV3U3R5bGUuY3NzOw&t=Css&cdv=222636577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 896
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1074
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 08:32:42 GMT
server: cloudflare
etag: "de4ed05ef3c6d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qarQYaLnd3OYa5xG1Vieh46MREOBjYVwRnsGI559EVgcrZZhs2D2FUBcxohc7Evz3NpGsBOlDy9NU%2Fej%2FE5PYMw%2FXF9Dx3cYzd5K7DrevSKdVEjglDPNOOo8TTjwdxoVfWFkqLr8HTDP7ohYbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467638e96913d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 111ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otorio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:02:49 GMT
x-content-type-options: nosniff
age: 345371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:02:49 GMT

GET
H3 200 siemens-blog-header.jpg
www.otorio.com/media/c2fb3bcs/ 211 KB
212 KB 136ms
136ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/c2fb3bcs/siemens-blog-header.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

afd6cb0e72c8c1de6691650ad6198ad7241b1e521271ddf726035c4089bfa9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215950
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Feb 2023 16:42:29 GMT
server: cloudflare
etag: "4b794bd68039d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TVQw4CT0tVjKu4G1FUmn0XX7BFcFGJGAxg7WuAVo3fsG4Aoe08Mx%2FrpSICwCRigImYoKlClIVBQ%2BDUmkxDRXHmQiN7R8uNDJsm6Kv8q1vQU1JF85V0qeZItj5TmCBGNNXoCCq7A0Z6YYl8Ciw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546763bee8913d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 106ms
43ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otorio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 01:27:12 GMT
x-content-type-options: nosniff
age: 390708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:27:12 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 125ms
47ms XHR
application/json 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 795467648eb02bc3-FRA
access-control-allow-headers: Content-Type

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/8127371/0d97e49d-269a-4ba1-abbd-7431f8991081/ 3 KB
2 KB 185ms
139ms XHR
application/json 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8127371/0d97e49d-269a-4ba1-abbd-7431f8991081/json?hs_static_app=forms-embed&hs_static_app_version=1.2642&X-HubSpot-Static-App-Info=forms-embed-1.2642

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e375d2f6d444da5fba442ed32d2ce19dea1edc7562adaaf927c3bbf9288bf59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 660261c6-9553-4095-9e24-0e4760744c84
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B9C9E264B0B25E0625574A92C9CE225EDDCC4603B000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.otorio.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 79546764cdb535fe-FRA

GET
H2

200

proximanova-regular.woff2
otorio.com/fonts/
Redirect Chain

https://www.otorio.com/fonts/ProximaNova-Regular.woff2
https://otorio.com/fonts/proximanova-regular.woff2

39 KB
39 KB

51ms
50ms

Font
application/x-font-woff2

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otorio.com/fonts/proximanova-regular.woff2

Requested by

Host: www.otorio.com
URL: https://www.otorio.com/css/Pri.css?v=2

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7e2f9566baf595728fc1f916c135309e2d4d049f27cd82b4d6b31cd67bde4f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7024
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39732
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 08:34:00 GMT
server: cloudflare
etag: "60c84b8df3c6d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RT1%2BO80Xv4iTLgAQE03bcF%2FlFHxAtp2gRtZl1Mk%2BXYvTKiQ2XIAa6TPNvUWbadHUoDrdlp3a7W6pAoj6vdwyUsrOW2W9UavhgyTKBSyfTeCQPLvjnmsA0alFcZ2ujBaobIsTn2ezwin%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 795467653ec190ef-FRA
access-control-allow-headers: Content-Type

Redirect headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=1000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 341
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
location: https://otorio.com/fonts/proximanova-regular.woff2
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKUcvmx6zj0ajpnaCHd95Yle%2FQl9Vp%2BErhjsGg6L%2B4Hi7%2BXmDCW0b0vO430VdJylesnGlYqPf5cYpUqQQcQwsqpWxOepxNweEvfPAhbGrcNqWztTz2DfAoE%2Fbw9k0KaxwEpC%2BIstcnaUbPH%2BZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 79546764784c913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 700x500-siemens-blog.jpg
www.otorio.com/media/fmsgetgg/ 326 KB
327 KB 41ms
38ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/fmsgetgg/700x500-siemens-blog.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fe4ba8357fa22a3819ddbf5d06de7ce977d588d5f731a827bd786801923aaca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 334030
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Feb 2023 16:43:14 GMT
server: cloudflare
etag: "211e7f08039d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60xkbgxYRV2sYBSwkvFTLvA%2Bx%2BiEqiZ%2FTBFkTKeBY1OchzlebOxVj39KLhI3rwnOJ0jsAbQOEtrkFvjjG6ozGBNPOG6oz5PfOA8bU%2Fanbd8nWkuP%2FYRpS5oW4vpBN3meBcK0sMUwYRV4dP0ZOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f8fa913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 sw-700_500.png
www.otorio.com/media/waxizhi1/ 506 KB
506 KB 75ms
73ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/waxizhi1/sw-700_500.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8cc98f192095b974c1bd01ca07fbc7d4f7a2437a734079b12f32d5f7c5493ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 517670
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:43:25 GMT
server: cloudflare
etag: "70c85035b934d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi5rbruMXhPKWz%2FqqsJ%2F3Y3KlBjzAFYBhW9p0PMuszheNReKK66jHYxZP7hLqG9lSJTjlyO2Jo3Ncf3pwtdjI7e8KTlXorknmklfqb40Fxsf2CE3nUEEYG0hSPggCzeosPX0gqR0SqwiI%2FEJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f8fd913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 secure-by-design-700x500.png
www.otorio.com/media/4i5du4w1/ 491 KB
491 KB 106ms
104ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/4i5du4w1/secure-by-design-700x500.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

dfeacae04ce25ffacd8a43927f74cbbce8974232003dc322da57c2361332f63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 502531
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 13:51:06 GMT
server: cloudflare
etag: "549bbee7fa2fd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11Zu1fb1GpRGRfUgbUPq0KfWS0EdN5hGUH4oHoKigrWcV%2BwA4AQ9F8262PF9uemALDXWclWN56taj14dwIysUobD3DmRuHZZATECLlLMxqYqYHkCZCuEBz5Tj2XnuAjtwiapZfR%2BiZjusA9%2FnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f8fe913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 oto-critical-infrastructure-700x500.png
www.otorio.com/media/sfad4jjn/ 162 KB
163 KB 171ms
169ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/sfad4jjn/oto-critical-infrastructure-700x500.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

254b99d0a08c7d8a737603b6137db9ca887b288f5433a813b586ede6ceb7c143

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 166091
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Jan 2023 09:51:55 GMT
server: cloudflare
etag: "a7c5a58eb20d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyPeL7lkWbYidkt4AukB7snZCb0MXOkeOSZPg03zFm%2FV6Sxbw9ATnFdEFu56Gwqjg%2BSXCCm9jpeECvQe4X%2FATY2iCFrFXeu1wrMZJb1yESFHp1JrvVzHtDAxQCHzhtE%2Bbpj490NjuZ2%2B%2ByMvHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f8ff913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 oto-2023-reso-header-700x500.png
www.otorio.com/media/od0d4yan/ 156 KB
157 KB 175ms
173ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/od0d4yan/oto-2023-reso-header-700x500.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c39715e312897e5aadc198fe9ba0ad86b783e0a335ef553d4d49523f981837e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 159951
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Dec 2022 07:14:39 GMT
server: cloudflare
etag: "e9d652e2c219d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MtR%2BzlsoNQ6Q1FjouFP4XWlbtOYy6ZhIZ3FCio5JTM20tbRUWdua5C4tSdfGu0HZjFQX8EmHF%2BG0m%2B5%2BjxFgpGGSCktHLtOcGyaEdYYPXcVpolxi71ivS%2B5EyEsfssrRjSd3PNN7HoqzvyLdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f901913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 pp-casestudy-700500-blog.png
www.otorio.com/media/gj1pjwcp/ 300 KB
300 KB 190ms
188ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/gj1pjwcp/pp-casestudy-700500-blog.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4d84bb1c8fbb0b8017dc628f52cad64a3af6001b6c1fcef817a16f1b7026d797

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307034
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2022 09:55:51 GMT
server: cloudflare
etag: "68373a3e5914d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAJtiMGp1gZVfed9%2FI3IKc7ybIDLNB8bmVxcKmrtoZLVzwnO0Vg4XDyh%2FuKoS8cjt1oBvk%2FB1wWlDexZc25LEsoxpeJbIlMztFBulFyBuibLH15J3hbYSSb3ka8tR%2FYxPV5ptAUmcuSqoAWziA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f904913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 oto-2022-attack-header-700x500-v2.png
www.otorio.com/media/4omlkpds/ 39 KB
40 KB 208ms
207ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/4omlkpds/oto-2022-attack-header-700x500-v2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ece6bd339f80063a04da05ae574df08181e596fd46c37ee7e608a8fde278741a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40174
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 08:59:05 GMT
server: cloudflare
etag: "837e67a1a15d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvjJrnPO9QyLf94MdjzRkTxeanbSZAlIJZit2yoy2anL4JtYLjNCi9XD5U67k%2BX4gKjx9yZDaywqI5iOplUvE8GSJkdFJ%2FVASK8%2Bh76cNe%2BK5aUqCnr1hNrDShdB6p0qKdb64EDCNsal1k1sbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f906913d-FRA
access-control-allow-headers: Content-Type

GET
H3 200 700500-pp-blog.png
www.otorio.com/media/puyiuuul/ 334 KB
334 KB 210ms
209ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otorio.com/media/puyiuuul/700500-pp-blog.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ade7a6581c7c63f35ce579de932150743b29cebb7684ac1bed2836ba84b4782f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2449
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 341803
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Dec 2022 15:47:08 GMT
server: cloudflare
etag: "1e5463ff899d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BnJnBNmUD%2Fg8WTXzw84JYtEaoYTyTu9xEDD60QPYeCPljoFK9uIZGi5Y7UkVC2T69OnCqggIfA7mXA%2BeDZM38BJr9H75UYAmKiwrkVLsQUyAh3et0l466EQ0r8PhOITJw0wNTb9t2B8vOAfCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 79546764f909913d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/754075056/ 3 KB
1 KB 283ms
103ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754075056/?random=1675691940645&cv=11&fst=1675691940645&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&auid=1588574426.1675691941&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-754075056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52ce7114db314e5f47a96245f8dbc6219dcad19d1a2d7199c1284fd20f9a5046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1137
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 186ms
35ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 13:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2812
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 15:12:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/754075056/ 2 KB
2 KB 225ms
69ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754075056/?random=1675691940679&cv=11&fst=1675691940679&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&auid=1588574426.1675691941&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573c3b808654d2f90cf539a2a1d8326a83814568fe741394cee8c0c0b292fb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1758446.js Show response
static.hotjar.com/c/ 8 KB
4 KB 172ms
34ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1758446.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

f8b7016dc2b4069ef1f1bd3a7761f31109a8c08d6788d463311fbd06954435ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 13:58:45 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5b7319cd8281111d3533d896a06b57f6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: ROTi2E3kyfU_Ygn0aJPyyXnOqZRH6pOgqpHbBPGOCQzfu_2HIbGUiQ==

GET
H2 410 8923.js
script.crazyegg.com/pages/scripts/0103/ 0
0 178ms
37ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0103/8923.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Feb 2023 08:12:03 GMT
server: cloudflare
age: 20817
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 795467664a0a30c6-FRA
content-length: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 179ms
31ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=62009
accept-ranges: bytes
content-length: 4777

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10933193118/ 2 KB
1 KB 250ms
102ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10933193118/?random=1675691940688&cv=11&fst=1675691940688&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&auid=1588574426.1675691941&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3Z8CPW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

686a746a510e9691530632db09476294ef4b62d40ece658532fa9ccd8243c4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6282587295cf0e0012d0c634 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 339ms
195ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6282587295cf0e0012d0c634

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

34645a36b5a0b01d5faea1ee53b7269c304eb3a8fd80d468b28490c9c911698e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79546766492d2bdc-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 171ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 Feb 2023 13:59:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: CnKq10swHw0Zvw5ZVK8H3Cy1PJLMio0z2mLdCr5RctO9B2YYcyh+ygmMb6Y6zk4uoe9ik2BSvyX3BdHfO4wOUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 158ms
20ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: czd8v04.na1.hubspotlinks.com
URL: http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220036-HHN

GET
H2 200 lftracker_v1_kn9Eq4RyyEr7RlvP.js Show response
sc.lfeeder.com/ 31 KB
11 KB 120ms
23ms Script
application/javascript 2600:9000:20eb:4a00:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_kn9Eq4RyyEr7RlvP.js
Requested by: Host: czd8v04.na1.hubspotlinks.com
URL: http://czd8v04.na1.hubspotlinks.com/Ctc/RI+113/cZD8V04/VWQfb17K1JT5VPHG783gRC3jW8GDvjX4WJp0kN8DGmFf3lScZV1-WJV7CgzNxW8qbNcq1lJ38VW1VFWCS1SL9T-MLhzt_GWrP0W5yZKmP7DJx0xW7ry9sS272B9XW9kQjWd4nswQrW88Xsqf7Sx1n-W3fRzKJ38BbpqVcFkCm8cwb-CW7X2YXR4CpHTVW8lCTDy7H6J1FVmY6VB9cp4-BW4dxS021WMdrSW32HmdV4qShR9W2wT1dg98r4-cW2lMRCq67KjMGW3_V6Wd6lkm92W4xx8jJ6HRfgyW71tRb36f3swzW5FtYN-6qMcv1Vl6jFd40J6bKW2ySqhK2DSPvWW3JWTJJ1Txv1cW1L73S15DDSXQMm055GJxnSVW3jrMhD44KCbyMT5DhfL8LpvW63ZB4d4v5PgPVYfb-D6p1rc7VbM5t73Y1Ftp3g7H1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26e99d4432afd69025c5fa541aec194437f2417bf80a36196afaa85e1f3559d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: WeeXO1ydSHE_mAuBlFwqscpSI1J1t8Uq
content-encoding: gzip
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
date: Mon, 06 Feb 2023 13:53:22 GMT
last-modified: Fri, 03 Feb 2023 11:10:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 2894
etag: W/"672fa49728ad03d0156f9e7571f3359e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: BhdkB3IoEn2p8Io2hMVFnx2VItNv9oZtLPdwy_ZtYHvUCKNkG3sGdA==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.36.0/ 362 KB
86 KB 38ms
33ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8atDBk1Pe2rTtV5h1AnhkA==
age: 52533
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 87793
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:29:06 GMT
server: cloudflare
etag: 0x8DA48BBFD0F8D63
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 23691863-101e-00c1-31b0-7a535f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79546765699968eb-FRA

GET
H2 200 powr.js Show response
www.powr.io/ 15 KB
6 KB 115ms
32ms Script
application/javascript 2606:4700:10::6816:32f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.powr.io/powr.js
Requested by: Host: www.otorio.com
URL: https://www.otorio.com/DependencyHandler.axd?s=L3NjcmlwdHMvanF1ZXJ5LTIuMi40Lm1pbi5qczsvc2NyaXB0cy9wb3BwZXIubWluLmpzOy9zY3JpcHRzL2Jvb3RzdHJhcC5qczsvc2NyaXB0cy9vd2wtY2Fyb3VzZWwubWluLmpzOy9zY3JpcHRzL3NsaWNrLmpzOy9zY3JpcHRzL3dvdy5qczsvc2NyaXB0cy9zaW1wbGVQYXJhbGxheC5taW4uanM7L3NjcmlwdHMvY3VzdG9tLmpzOy9zY3JpcHRzL2xhenlzaXplcy5qczsvQXBwX1BsdWdpbnMvZm9ybXVsYXRlL3Jlc3BvbnNpdmUucGxhaW4tamF2YXNjcmlwdC5qczsvc2NyaXB0cy9jdXN0b20tZm9ybXVsYXRlLXNjcmlwdC5qczs&t=Javascript&cdv=222636577
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:32f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d232c038e1fb2cbfab2ce06e9a4789b9a57a5a89a1faf1ae3e110c0fc0c3ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 06 Feb 2023 09:51:32 GMT
x-origin-instance: heroku
age: 14636
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
cf-ray: 79546766f8675b2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Feb 2024 09:51:40 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 90ms
41ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8127371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 241
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=7954616c4ce9916e-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 79546766ccbd9bfb-FRA
x-amz-cf-id: hiWIYVOXF8QLu-RjMF77vXhYQZRDKLLUeBYghYfbQJCj-I6ysCYeQA==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8127371/ 202 KB
63 KB 222ms
142ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8127371/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8127371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e1af697c7aec4138bb4cdefaba8fcc6b98b73bd1274ee53e73d839062dd02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
x-amz-version-id: dFXizUbrqf7oDzg5wBO90yRE_d14LLQ9
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 3CAQTBQGP8TF7VKP
x-amz-server-side-encryption: AES256
x-amz-id-2: 6fhyS740zB/ysHy8Sq8w6885bpQgdiuzMujPy9UrGTa8E4kF73UJsB32LbxdjIfOLcB6Jal6mC8zUQdGPophiw==
last-modified: Fri, 03 Feb 2023 20:58:22 GMT
server: cloudflare
etag: W/"26042dc2b66345d04732c3b2042d3ff5"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.otorio.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 79546766f8c62bba-FRA
expires: Mon, 06 Feb 2023 14:04:01 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 544 KB
87 KB 117ms
38ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8127371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

Request headers

Referer: https://www.otorio.com/
Origin: https://www.otorio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 12395
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=795338c7bd639235-IAD
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
server: cloudflare
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 79546766fe669243-FRA
x-amz-cf-id: QmC5Zdp4JQAjugLiCqLZYdgHpJKeqCcVmcOoILJ6fcDW1x8kV3UVpA==
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js

GET
H2 200 8127371.js Show response
js.hs-analytics.net/analytics/1675691700000/ 65 KB
20 KB 112ms
35ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1675691700000/8127371.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8127371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88219f1eafc0c451f127cdf1679295a50465396b1b49331b934809cc520a4012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ACV8VD77DYGYMDZR
age: 79
x-amz-server-side-encryption: AES256
x-amz-id-2: 11q8pm7E+L+9he97gQYY8xcL9KbLweRJknpenomsCF0X1Pg9QQmFxGhrKfLdTGpY9YTJSaKmwrRwqdg9nfH5fw==
last-modified: Wed, 18 Jan 2023 20:23:17 GMT
server: cloudflare
etag: W/"bd36372007d16c423796dadf5cbbdb37"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 79546766fcbb90bb-FRA
expires: Mon, 06 Feb 2023 14:02:41 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 287ms
36ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8127371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7

Request headers

Referer: https://www.otorio.com/
Origin: https://www.otorio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
x-amz-version-id: SN4HXBautbT5xHa4DdPckLpyluwLE8QR
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 334
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=79545f434c5c5b80-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:49:13 UTC
server: cloudflare
etag: W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 795467684fad9972-FRA
x-amz-cf-id: iPf5r2CeLqGiXosd9TIjqL1oxcMq--KozzSYvmMBlHwm1anOe2Y4wQ==
x-hs-target-asset: collected-forms-embed-js/static-1.312/bundles/project.js

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 155ms
131ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 7c2e704b-5873-49e1-8245-5d6b86633e45
x-trace: 2B906FB1A9DE9361C73DE7F9A455442774AC640D76000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 79546765ee462bac-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
436 B 341ms
127ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 02fba3e5-4535-465f-aa2c-1ed00fac6092
x-trace: 2B1442E0356CA868DE74CB2965D144B0A664560520000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 795467684aea9010-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsct
t.co/i/ 43 B
377 B 366ms
135ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=4175b6c7-0c49-4fc4-a750-ecb6a8ef3f82&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6ccd8797-540f-4759-9b15-fd73701fa448&tw_document_href=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8wib&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b01942ab434fa946
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 4b90c5eb85c3fa91aea4e0ed43eeeb671ebfedc00eb0bdeb33a0f2da39c7b006
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 328ms
128ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4175b6c7-0c49-4fc4-a750-ecb6a8ef3f82&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6ccd8797-540f-4759-9b15-fd73701fa448&tw_document_href=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8wib&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b9000897071b38db
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 08cafe4f07659bf79bb0e00cee5f85c780a1599fcb67594e8b2f8accf26b1e75
content-length: 43

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/050344df-2876-495e-a222-14965ed0a1cb/670f71a6-abf5-4282-ab71-c567773d0a0c/ 42 KB
9 KB 35ms
32ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/050344df-2876-495e-a222-14965ed0a1cb/670f71a6-abf5-4282-ab71-c567773d0a0c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7410a204809476bcbdb845cc08b3266f16e0e60a1b11528dd0aecb83624dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: I0kfpyF4cjY0jG1LRnNN4g==
age: 15238
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 9207
x-ms-lease-status: unlocked
last-modified: Wed, 15 Jun 2022 10:31:23 GMT
server: cloudflare
etag: 0x8DA4EBA32145A6D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7d1ac373-901e-0157-55a6-80773e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79546766a9ce3738-FRA
expires: Tue, 07 Feb 2023 13:59:00 GMT

GET
H2 200 modules.bca0d1c28285412bb689.js Show response
script.hotjar.com/ 260 KB
67 KB 225ms
24ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bca0d1c28285412bb689.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1758446.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 13:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 262135
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 67924
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
etag: "e923aa360dc485b9df86355bd040c998"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: HiO-6HTRKepzBcvjC1Uh-SIF8ftgBiU9OuOt7yuXmeH-omQIKUuzMw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2287769/domain/otorio.com/ 36 B
376 B 90ms
22ms XHR
application/json 2600:9000:20eb:bc00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2287769/domain/otorio.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:25:02 GMT
content-encoding: gzip
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2038
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: LKMAauGqiGXInsF8TSWYSYzRk6dRcsZ5TF1bWqQgpTSD2AIUpYW97g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2287769%26time%3D1675691940903%26url%3Dhttps%253A%252F%252Fwww.otorio.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%...

0
265 B

272ms
125ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tm=gtmv2&liSync=true&e_ipv6=AQL78HT31YIg4gAAAYYnBd6ZSLOX47WlSphVvYOVO_dfJqXJfjdWB3sNe_0e-9QzZ_sDbSEX80YO
Requested by: Host: www.otorio.com
URL: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: ED640B4FF38943CF8B081CFC4196062F Ref B: FRAEDGE1207 Ref C: 2023-02-06T13:59:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0CG7xaK6kRSC6OXgt0w==

Redirect headers

date: Mon, 06 Feb 2023 13:59:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 213DC502B0DD4698A258113EE7A5DB69 Ref B: FRAEDGE1409 Ref C: 2023-02-06T13:59:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2287769&time=1675691940903&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tm=gtmv2&liSync=true&e_ipv6=AQL78HT31YIg4gAAAYYnBd6ZSLOX47WlSphVvYOVO_dfJqXJfjdWB3sNe_0e-9QzZ_sDbSEX80YO
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0CG7tRwIaN/8YEtFIPQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 56ms
55ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1150326461&t=pageview&_s=1&dl=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=553959439&gjid=404471291&cid=1981665760.1675691941&tid=UA-134445005-1&_gid=1820280122.1675691941&_r=1&_slc=1&gtm=45He3210n81K3Z8CPW&z=199056388

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otorio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1177008946445707 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 32ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1177008946445707?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f9295eb4991e59d7c2415d7bfa64be965ea61cb404acf8235e264e904eef0ad

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 06 Feb 2023 13:59:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110200
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jJIA9bqwXmtKMf6ru/1Wzb5mFCbOiZMU74dbRddRGOUxYiiXNDAdw1nn9Sir8DsR1qvPFabm+AVM3cIfMXzjRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/754075056/ 42 B
455 B 245ms
63ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/754075056/?random=1675691940679&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&fmt=3&is_vtc=1&random=3510248376&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/754075056/ 42 B
455 B 177ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/754075056/?random=1675691940679&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&fmt=3&is_vtc=1&random=3510248376&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ 13 KB
3 KB 48ms
36ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fOX75b8gO1oiJUk/36PurQ==
age: 15239
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2959
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:28:56 GMT
server: cloudflare
etag: 0x8DA48BBF6CB86AA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a2735556-901e-003e-1110-806ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 795467673ae43738-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/ 59 KB
13 KB 61ms
38ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ee1LIfkTbcemCp7i24lw6Q==
age: 15239
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12974
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:28:58 GMT
server: cloudflare
etag: 0x8DA48BBF82DCA58
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bf34932c-d01e-013d-1b10-802b95000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 795467675b353738-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ 21 KB
4 KB 60ms
37ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 15239
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:29:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 638f9150-d01e-007d-5010-80442e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 795467675b373738-FRA

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame C35B 2 KB
1 KB 82ms
20ms Document
text/html 13.224.189.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1758446.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-122.fra2.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.otorio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 262135
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id: H3O9pKZFZqBNcJTWSG-MD2svfKpabpOgFHcBKze14FPQyZcaV03_aA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 196ms
26ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-134445005-1&cid=1981665760.1675691941&jid=553959439&gjid=404471291&_gid=1820280122.1675691941&_u=YEBAAAAAAAAAAC~&z=1519870662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 13:59:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otorio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10933193118/ 42 B
108 B 208ms
65ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10933193118/?random=1675691940688&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&fmt=3&is_vtc=1&random=3212298581&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10933193118/ 42 B
108 B 98ms
39ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10933193118/?random=1675691940688&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&fmt=3&is_vtc=1&random=3212298581&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/754075056/ 42 B
108 B 68ms
61ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/754075056/?random=1675691940645&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2659299057&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/754075056/ 42 B
108 B 40ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/754075056/?random=1675691940645&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&tiba=OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2659299057&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
tr.lfeeder.com/ 43 B
294 B 147ms
54ms Image
image/gif 18.66.122.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=kn9Eq4RyyEr7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTEzNDQ0NTAwNS0xIl0sImdhTWVhc3VyZW1lbnRJZHMiOlsiQVctNzU0MDc1MDU2Il0sImdhQ2xpZW50SWRzIjpbIjE5ODE2NjU3NjAuMTY3NTY5MTk0MSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjYwLjAifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3Lm90b3Jpby5jb20vYmxvZy9vdG9yaW8tcmVzZWFyY2gtdGVhbS11bmNvdmVycy1yY2UtYWZmZWN0aW5nLXNpZW1lbnMtc2VydmVycy1pbmNsdWRpbmctcGNzLTcvP3V0bV9tZWRpdW09ZW1haWwmX2hzbWk9MjQ0MzAxNzYxJl9oc2VuYz1wMkFOcXR6LTluUnp2VXh6S3hQRjh5ZUwtSkx6S0w5YzVIV2ZPWnY5MUs2M1BnUVpQNWZzb1hFRHQ2aTBxUmpiOVRNZzBrZjJGZlBaSXpWTGw1a3hlRGUzUENuTHlvdzBaXzJIejFiT2tIS1hJd3k1ejY0ZFh1MHRjJnV0bV9jb250ZW50PTI0NDMwMTc2MSZ1dG1fc291cmNlPWhzX2VtYWlsIiwicGFnZVRpdGxlIjoiT1RPUklPIFJlc2VhcmNoIFRlYW0gVW5jb3ZlcnMgUkNFIGFmZmVjdGluZyBTaWVtZW5zIFNlcnZlcnMgSW5jbHVkaW5nIFBDUyA3IiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJlY2NlNTQyODNiZDUzNjQwIiwic2NyaXB0SWQiOiJrbjlFcTRSeXlFcjdSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS43Y2FkMjYzOGFiZWQ1ZTlkLjE2NzU2OTE5NDEwNDQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoic3BhIn0=
Requested by: Host: www.otorio.com
URL: https://www.otorio.com/blog/otorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7/?utm_medium=email&_hsmi=244301761&_hsenc=p2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc&utm_content=244301761&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-107.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: rhWcxm8Sj14XQmft3tEEuyLBDO5_1OAhSlKg8cfHaPgjCjkzjjNJVQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 83ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1177008946445707&ev=PageView&dl=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&rl=&if=false&ts=1675691941088&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675691941087.1005401900&it=1675691940925&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 Feb 2023 13:59:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 114 B
878 B 214ms
157ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8127371

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a66a3c15df44e300571fed8ce839f5a891b491f5b7088ff217fde4758f00b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b273b25d-0529-49b5-902a-eba77d98fc14
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B9738FBCA06D179F2191DE5DDB68EC534B96D813A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.otorio.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knNkEr7hTkYWJgHwu3srk%2F%2B1XV%2FuCIoU87X5GClbe6aNCedhypQS6JnrDuYXVdJVtLgQzN5qNS7zrz0mLZftJVhhCE%2BL7GWIwWTDcMm%2BiW2QItIzxMyxdVsW7RM9LEcLrV%2FST1iHsXougY7L"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 79546768789f6993-FRA
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 80ms
41ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 52543
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 37e5f1ab-101e-00ca-7f5b-374b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79546768fded68eb-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 108ms
72ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134445005-1&cid=1981665760.1675691941&jid=553959439&_u=YEBAAAAAAAAAAC~&z=1520743216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 81ms
45ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-134445005-1&cid=1981665760.1675691941&jid=553959439&_u=YEBAAAAAAAAAAC~&z=1520743216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:59:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 209ms
138ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8127371&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6370d120b1cd5f015a496e8ecd09908eb940aeedebd890b1f6c6cc28071815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9c88e7d2-d88e-4681-813b-8814d3064a3e
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.otorio.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrGTNoW4aCSLBThgDA9AgVCIRYtnNGVGG8mInsf17D%2FB%2BPcrV4ErrG9x%2FQHtSuLTjAq%2Bhiz%2FuJq4XFTVSaScIqp4JjNQgc4cWZ6qKDeY8575cfycLcGZy8N%2FYKJ4vLnIFWsLAeuoH%2Bta%2BDwtGKb6"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 79546769cc1c3a98-FRA

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1758446/ 148 B
323 B 177ms
58ms XHR
application/json 54.220.64.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1758446/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bca0d1c28285412bb689.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.64.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-64-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34

Request headers

Referer: https://www.otorio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 33ms
32ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=62008
accept-ranges: bytes
content-length: 4777

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
356 B 137ms
137ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 6eac7cde-3945-4a59-98bb-3b9d387cce49
x-trace: 2B1028BE44C0FD2E9AB626F782FE277FE42582868A000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7954676aad612bac-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
556 B 220ms
148ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=8127371&pu=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&t=OTORIO+Research+Team+Uncovers+RCE+affecting+Siemens+Servers+Including+PCS+7&cts=1675691941870&vi=91e35bc018313a6ae9d239d5c175ba3f&nc=true&u=175479165.91e35bc018313a6ae9d239d5c175ba3f.1675691941867.1675691941867.1675691941867.1&b=175479165.1.1675691941868&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2a9149cb-2ea6-4ce4-8a8b-1466316afcbf
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h5fiYQHPWRWeiDghekR9r8ut9IlI5lPuJrvM%2FJ5ByFeIFl4aFtDQLIx9hb94shokS4HREeU5gqZTYPev3eP1Hk%2BuUUxX2ma8JOWrkreQYzIdqWiIgxlrntyBCP%2F4rI5314Io3XddAyxijr2%2FUor"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7954676d3a1e9b6e-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
899 B 213ms
144ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=0d97e49d-269a-4ba1-abbd-7431f8991081&fci=ab5c8cee-8d45-478b-b595-a439fab82b11&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=8127371&pu=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&t=OTORIO+Research+Team+Uncovers+RCE+affecting+Siemens+Servers+Including+PCS+7&cts=1675691941872&vi=91e35bc018313a6ae9d239d5c175ba3f&nc=true&u=175479165.91e35bc018313a6ae9d239d5c175ba3f.1675691941867.1675691941867.1675691941867.1&b=175479165.1.1675691941868&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e68f6f17-9327-4d26-b200-749a1b6ff097
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH3SZjqYJUuT1a20qriCCDxfdL3StXMKRr%2FJC6s88wEU%2B%2FDlfxkpPmV1DLAkb6JBxCS3xIaQQiaZjKBnVP%2F6P73nbVWMzG%2FAH1y9CcJELhrh0QOet2ypJESXC2VVwx8XOtq%2F1PFgbJaZhl8pSBY3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7954676d3a209b6e-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
557 B 231ms
163ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=0d97e49d-269a-4ba1-abbd-7431f8991081&fci=ab5c8cee-8d45-478b-b595-a439fab82b11&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=8127371&pu=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&t=OTORIO+Research+Team+Uncovers+RCE+affecting+Siemens+Servers+Including+PCS+7&cts=1675691941872&vi=91e35bc018313a6ae9d239d5c175ba3f&nc=true&u=175479165.91e35bc018313a6ae9d239d5c175ba3f.1675691941867.1675691941867.1675691941867.1&b=175479165.1.1675691941868&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8a09e072-5e12-4d1d-b543-0e5be20f25e3
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1EJ7%2FxseY3ozpcuBfpjQKCmV7LgomaukOpR7dpGgyHF05OLhuo%2FN39C5Cbx7UZAOFKo8X%2BEqhWqGN9lkAQHBWV0syaID%2BFP5J7dpt4UwX4eulBjZo4DUC3HBakBvPa8lP7yttey10uE%2FUluYxCc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7954676d3a239b6e-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
825 B 151ms
150ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=8127371&utk=91e35bc018313a6ae9d239d5c175ba3f&__hstc=175479165.91e35bc018313a6ae9d239d5c175ba3f.1675691941867.1675691941867.1675691941867.1&__hssc=175479165.1.1675691941868&currentUrl=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e09e56e0f06ff2fbba53cfbbcac04f14a3675429979640da3b7904bf6a6dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8ddfccd8-4475-4e7f-8c54-48f4354708e5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.otorio.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCktQ6RsFTeSPMJwIowcNkLCY45sZhgBO2FCX69JfaJEJnBBrKHcPZ3O4CXo%2BO3dX4mURbyicGUWvlia3I1JGfNVJZZaJ0W8gqL6OX3hEbCqef0%2Fa81zllATgwCbBjiU9rF05hoO2ElU3WAxoE2A"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7954676d182f3a98-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 26ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1177008946445707&ev=Microdata&dl=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&rl=&if=false&ts=1675691942592&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22OTORIO%20Research%20Team%20Uncovers%20RCE%20affecting%20Siemens%20Servers%20Including%20PCS%207%22%2C%22meta%3Akeywords%22%3A%22Cyber%20Security%20Blog%22%2C%22meta%3Adescription%22%3A%22Critical%20vulnerabilities%20in%20Siemens%20ALM%20puts%20multiple%20Siemens%20products%20at%20high%20risk%20of%20breach%2C%20say%20OTORIO%20researchers.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675691941087.1005401900&it=1675691940925&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 06 Feb 2023 13:59:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.otorio.com/	1970-01-20 11:37:47	Name: _gcl_au Value: 1.1.1588574426.1675691941
.doubleclick.net/	1970-01-20 09:28:12	Name: test_cookie Value: CheckForPermission
.otorio.com/	1970-01-20 19:04:11	Name: _ga Value: GA1.2.1981665760.1675691941
.otorio.com/	1970-01-20 09:29:38	Name: _gid Value: GA1.2.1820280122.1675691941
.otorio.com/	1970-01-20 09:28:12	Name: _gat_UA-134445005-1 Value: 1
www.otorio.com/	1970-01-20 09:29:38	Name: ln_or Value: eyIyMjg3NzY5IjoiZCJ9
.ws.zoominfo.com/	1970-01-20 18:13:47	Name: visitorId Value: 0550f710a8659d206667fd5174ee5243e6f1178dd143221b9972a53d81162c16
.zoominfo.com/	1970-01-20 09:28:13	Name: __cf_bm Value: 5NKQLYwG4f9uVJlzGGweXk9A4a_x6M0ud6jsxYWMSzQ-1675691941-0-ARjTtvJLYI8pOuaBdx5s4SoMjigMzSuolZIAMzAQbGVEnq2WlSOHltO0ulUz6AX9iynzDbeGkP44fpnSyX9iIa4=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HNK5DuHvl1cg75Rt41mYg7VX6Oz5n_.7JG.cNvGYdnM-1675691941016-0-604800000
.otorio.com/	1970-01-20 19:04:11	Name: _lfa Value: LF1.1.7cad2638abed5e9d.1675691941044
.otorio.com/	1970-01-20 11:37:47	Name: _fbp Value: fb.1.1675691941087.1005401900
.otorio.com/	1970-01-20 18:13:47	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Feb+06+2023+13%3A59%3A01+GMT%2B0000+(GMT)&version=6.36.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.otorio.com%2Fblog%2Fotorio-research-team-uncovers-rce-affecting-siemens-servers-including-pcs-7%2F%3Futm_medium%3Demail%26_hsmi%3D244301761%26_hsenc%3Dp2ANqtz-9nRzvUxzKxPF8yeL-JLzKL9c5HWfOZv91K63PgQZP5fsoXEDt6i0qRjb9TMg0kf2FfPZIzVLl5kxeDe3PCnLyow0Z_2Hz1bOkHKXIwy5z64dXu0tc%26utm_content%3D244301761%26utm_source%3Dhs_email&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.linkedin.com/	1970-01-20 10:11:23	Name: UserMatchHistory Value: AQJ7KCV3sQ2GjwAAAYYnBd1o5RzXINVctFnOZeXPKF-qCPwftgcZBmrlcdVPcNcAimym0otFlF10Qg
.linkedin.com/	1970-01-20 10:11:23	Name: AnalyticsSyncHistory Value: AQJrPSk9Cxwy3wAAAYYnBd1o1pxT69M9V6vhvSQBwlFn3y97VnCl5b1M4NfoNCMsO93soKdc51M-bvs9LWnB3Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:13:47	Name: bcookie Value: "v=2&d94d38bc-aeb6-4ad5-8cb1-096f44a4e837"
.linkedin.com/	1970-01-20 09:29:38	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2543:u=1:x=1:i=1675691941:t=1675778341:v=2:sig=AQHDB0w9pWLROJEGXqBOIbcTTuHlDSnH"
.twitter.com/	1970-01-20 19:04:11	Name: personalization_id Value: "v1_tNLL+Y0TyJkq7TFrgJDOGw=="
.t.co/	1970-01-20 19:04:11	Name: muc_ads Value: 49ff1b26-7158-4f08-b42d-6bd22138ba9f
.otorio.com/	1970-01-20 18:13:47	Name: _hjSessionUser_1758446 Value: eyJpZCI6IjQ0MDM1MDQzLTFhN2YtNTk0OS1iYWM2LTExMWFhNmZmMzhhYyIsImNyZWF0ZWQiOjE2NzU2OTE5NDEyOTgsImV4aXN0aW5nIjpmYWxzZX0=
.otorio.com/	1970-01-20 09:28:13	Name: _hjFirstSeen Value: 1
www.otorio.com/	1970-01-20 09:28:12	Name: _hjIncludedInSessionSample Value: 1
.otorio.com/	1970-01-20 09:28:13	Name: _hjSession_1758446 Value: eyJpZCI6IjhjYzNkY2Q1LWI0NjItNDk4OS1iYzM0LWExMGM0ODM3MGFiOCIsImNyZWF0ZWQiOjE2NzU2OTE5NDEzMzcsImluU2FtcGxlIjp0cnVlfQ==
www.otorio.com/	1970-01-20 09:28:12	Name: _hjIncludedInPageviewSample Value: 1
.otorio.com/	1970-01-20 09:28:13	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:13:47	Name: bscookie Value: "v=1&20230206135901e369a625-64c9-45a6-8faa-df7f81ec2c61AQGPSkfBjNBxhxTEH2xh4K8uwQnv7REk"
.linkedin.com/	1970-01-20 13:47:23	Name: li_gc Value: MTswOzE2NzU2OTE5NDE7MjswMjEghOo+iqGPWJTzsH2M/cvi5SoSiB6PyixBbcfEi/MfUw==
.otorio.com/	1970-01-20 13:47:23	Name: __hstc Value: 175479165.91e35bc018313a6ae9d239d5c175ba3f.1675691941867.1675691941867.1675691941867.1
.otorio.com/	1970-01-20 13:47:23	Name: hubspotutk Value: 91e35bc018313a6ae9d239d5c175ba3f
.otorio.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.otorio.com/	1970-01-20 09:28:13	Name: __hssc Value: 175479165.1.1675691941868
.hubspot.com/	1970-01-20 09:28:13	Name: __cf_bm Value: dQ2OxSpGw_j12S8qdJCz3ZSlKHlnI0zVvYnC8eCe9LY-1675691942-0-AU3b7LpvY1FO4K9JQBqeJCsCIPIHb3MxKbQRD1Ze/vHhzKLnpjS+pF7eaWWY8fxInzu3s4HPNzO7FdtGqvZB/u4=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0103/8923.js Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.hubapi.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
connect.facebook.net
czd8v04.na1.hubspotlinks.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
geolocation.onetrust.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
otorio.com
px.ads.linkedin.com
px4.ads.linkedin.com
sc.lfeeder.com
script.crazyegg.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tr.lfeeder.com
track.hubspot.com
vars.hotjar.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.otorio.com
www.powr.io
104.244.42.197
104.244.42.3
13.107.42.14
13.224.189.122
13.225.78.103
13.32.27.19
146.75.120.157
18.66.122.107
2600:9000:20eb:4a00:1f:f723:6fc0:93a1
2600:9000:20eb:bc00:2:53b2:240:93a1
2606:4700:10::6816:32f5
2606:4700:4400::6812:21ab
2606:4700:4400::ac40:962d
2606:4700::6810:5705
2606:4700::6810:5905
2606:4700::6810:9540
2606:4700::6810:a852
2606:4700::6811:45b0
2606:4700::6811:72b0
2606:4700::6811:83ab
2606:4700::6811:b949
2606:4700::6811:c9cc
2606:4700::6811:d5cc
2606:4700::6811:e9cc
2606:4700::6812:1a55
2606:4700::6813:9408
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:80b::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9b
2a00:1450:400d:806::200e
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2002
2a02:26f0:11a::6867:4832
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::c
54.220.64.134
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34
0a7410a204809476bcbdb845cc08b3266f16e0e60a1b11528dd0aecb83624dd2
0ce9dd3e37ad0c9b7ca2fe51421180110c5e69e10533215e61a8abd71d911da9
0d42f3ca93d72e086ed82979a21af2b783b32a20e4fd03891874fd672a7afc79
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
152c3c58ea569b7fffff677816c6b08519a96bac7e6120418b6cab5642edf9c4
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
217bc8046f2ad2437f3e6396200ccbd6a7147a06ea78f554d8251f8bffeaf18e
254b99d0a08c7d8a737603b6137db9ca887b288f5433a813b586ede6ceb7c143
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
267d7f4aad18bd4360cdc3139c9e4a3697cd81ee504c33a3cbd457a17f648331
26e99d4432afd69025c5fa541aec194437f2417bf80a36196afaa85e1f3559d5
27e09e56e0f06ff2fbba53cfbbcac04f14a3675429979640da3b7904bf6a6dd6
2880039850f22d37c9736d8aaeccd71b5c142f81f1d448a8cc6a0b6037eea10f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
34645a36b5a0b01d5faea1ee53b7269c304eb3a8fd80d468b28490c9c911698e
3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7
3cef07414614164522c20cbf03d05bab560c789255a217809cba07349031cfce
3e375d2f6d444da5fba442ed32d2ce19dea1edc7562adaaf927c3bbf9288bf59
3f9295eb4991e59d7c2415d7bfa64be965ea61cb404acf8235e264e904eef0ad
44e424ea8874e320aea345f0c6437a67d2b976bdff8a92d1626a9463806dc351
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4d84bb1c8fbb0b8017dc628f52cad64a3af6001b6c1fcef817a16f1b7026d797
52ce7114db314e5f47a96245f8dbc6219dcad19d1a2d7199c1284fd20f9a5046
53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c
5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c
573c3b808654d2f90cf539a2a1d8326a83814568fe741394cee8c0c0b292fb99
594c2cc207de9b07040a161a8da954e793bc2fb7674921cf72e3dac86574c6f3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c5b93e78e74b7650e243fbdbfc3dad90d277b38dc0faadd80b3f2e2f24fe5df
5d232c038e1fb2cbfab2ce06e9a4789b9a57a5a89a1faf1ae3e110c0fc0c3ccc
60145ce597ae4d9805d0dce0ae3120a673a7e832b84fd91f49ee4c84599532bd
686a746a510e9691530632db09476294ef4b62d40ece658532fa9ccd8243c4ab
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c39715e312897e5aadc198fe9ba0ad86b783e0a335ef553d4d49523f981837e
7e2f9566baf595728fc1f916c135309e2d4d049f27cd82b4d6b31cd67bde4f87
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88219f1eafc0c451f127cdf1679295a50465396b1b49331b934809cc520a4012
8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8bd2119d79f7a572d46617b414ef2235677d8f6cf450b6af06f52bd8d9385cea
8c84e2048ef6fd24c8bf1dfdeb80b5a03493cab8cf65f4f571470d08373957bb
8cc98f192095b974c1bd01ca07fbc7d4f7a2437a734079b12f32d5f7c5493ad6
90a66a3c15df44e300571fed8ce839f5a891b491f5b7088ff217fde4758f00b6
92d6b57d3abb62fd12aeb475c63888fc339932b03906714d4da08f4a90d1ce20
98d0c2891cc4704d01c9f548a2fa2357d57dd3f464eafd0d9a801ee8b813ce4c
aba9657fa252d1d324691bd6f3cf82e8e4d857523ad616a40d836178c18d592c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ade7a6581c7c63f35ce579de932150743b29cebb7684ac1bed2836ba84b4782f
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af58688819fffabef98aa534302c506ed9d44441310d82462e0573782d96f138
afd6cb0e72c8c1de6691650ad6198ad7241b1e521271ddf726035c4089bfa9bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
b933d54728e11f601ca3b7ea077ca81685ab075ef24aa71f345e1abe3256ab65
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c3d34265809a18cc2f39ed20530028e73d746b7042573bc7bd4107892e68f739
ccf5f603bdbcf9f167c247a4aa221933b1623a4ca46c604bec84ed8bbd583910
cd5acbc4152370e1e9493d2a39847f6f924b9d1fc7a2b850549863dbc683d348
ce2d9e77b4f63b76112632a315f5076c87fd19f89c71e46097a206a1d3f2af7b
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1e1af697c7aec4138bb4cdefaba8fcc6b98b73bd1274ee53e73d839062dd02e
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfeacae04ce25ffacd8a43927f74cbbce8974232003dc322da57c2361332f63f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece6bd339f80063a04da05ae574df08181e596fd46c37ee7e608a8fde278741a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93
f8b7016dc2b4069ef1f1bd3a7761f31109a8c08d6788d463311fbd06954435ee
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062
fd6370d120b1cd5f015a496e8ecd09908eb940aeedebd890b1f6c6cc28071815
fe4ba8357fa22a3819ddbf5d06de7ce977d588d5f731a827bd786801923aaca4

www.otorio.com Open in urlscan Pro 2a06:98c1:3121::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

94 %HTTPS

79 %IPv6

34 Domains

44 Subdomains

42 IPs

5 Countries

4277 kBTransfer

7322 kBSize

33 Cookies

14 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.otorio.com Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

94 %
HTTPS

79 %
IPv6

34
Domains

44
Subdomains

42
IPs

5
Countries

4277 kB
Transfer

7322 kB
Size

33
Cookies

97 HTTP transactions
1 data transactions