www.trendmicro.com Open in urlscan Pro
2.19.244.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://visit.trendmicro.com/OTQ1LUNYRC0wNjIAAAGS17eE6yuGJpyCCE86wVIIIJ_gAc_DTHtjoYCJcsGjJL3wheR0sLNixjYt9TSaYcoWsKuAXG4=
Effective URL:
https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAA...
Submission: On May 02 via api (May 2nd 2024, 10:12:02 am UTC) from IL — Scanned from IL

Summary HTTP 195 Redirects Links 70 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 31 domains to perform 195 HTTP transactions. The main IP is 2.19.244.199, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is www.trendmicro.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 20th 2023. Valid for: a year.

This is the only time www.trendmicro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 36	2.19.244.199 2.19.244.199	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
2	104.22.28.96 104.22.28.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.75.33 172.67.75.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	18.65.39.117 18.65.39.117	16509 (AMAZON-02) (AMAZON-02)
9	23.223.17.167 23.223.17.167	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	143.204.98.120 143.204.98.120	16509 (AMAZON-02) (AMAZON-02)
30	150.70.178.131 150.70.178.131	16880 (AS2-TREND...) (AS2-TRENDMICRO-COM)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
9	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1	35.201.125.192 35.201.125.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.194.12 34.111.194.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
2	2.23.196.132 2.23.196.132	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	23.49.133.210 23.49.133.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.223.17.209 23.223.17.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
10	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.25 18.245.46.25	16509 (AMAZON-02) (AMAZON-02)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	52.222.214.61 52.222.214.61	16509 (AMAZON-02) (AMAZON-02)
1	184.30.152.138 184.30.152.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
1	18.66.102.15 18.66.102.15	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.205.255.152 23.205.255.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.102.75 18.66.102.75	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4	18.209.252.156 18.209.252.156	14618 (AMAZON-AES) (AMAZON-AES)
195	39

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

visit.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2.19.244.199 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-199.deploy.static.akamaitechnologies.com

www.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.28.96 (None, )

ASN13335 (CLOUDFLARENET, US)

customer.cludo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.33 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.65.39.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-117.ams1.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.223.17.167 (Toronto, Canada)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-17-167.deploy.static.akamaitechnologies.com

trendmicro.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-120.fra50.r.cloudfront.net

documents.vicone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 150.70.178.131 (Japan)

ASN16880 (AS2-TRENDMICRO-COM, US)
PTR: sjc1-te-ftp.trendmicro.com

documents.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.125.201.35.bc.googleusercontent.com

cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.194.12 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.194.111.34.bc.googleusercontent.com

ixfd2-api.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.196.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-196-132.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
173bf10e.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.49.133.210 (Vancouver, Canada)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-133-210.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.223.17.209 (Toronto, Canada)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-17-209.deploy.static.akamaitechnologies.com

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

resources.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-25.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 52.222.214.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-61.fra56.r.cloudfront.net

widget.equally.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.152.138 (Vancouver, Canada)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-152-138.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-15.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.255.152 (Toronto, Canada)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-255-152.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-75.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

945-cxd-062.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.209.252.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-252-156.compute-1.amazonaws.com

api.equally.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	trendmicro.com 1 redirects visit.trendmicro.com www.trendmicro.com documents.trendmicro.com resources.trendmicro.com	3 MB
37	equally.ai widget.equally.ai — Cisco Umbrella Rank: 90351 api.equally.ai — Cisco Umbrella Rank: 96311	436 KB
16	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1304	56 KB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 5787 c.6sc.co — Cisco Umbrella Rank: 8716 ipv6.6sc.co — Cisco Umbrella Rank: 5928 b.6sc.co — Cisco Umbrella Rank: 3876	20 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	23 KB
9	scene7.com trendmicro.scene7.com	134 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	358 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	10 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1388 api.company-target.com — Cisco Umbrella Rank: 4111	1 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4069	28 KB
3	gstatic.com fonts.gstatic.com	112 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9185	720 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	415 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1387 pixel.quantserve.com — Cisco Umbrella Rank: 1107	10 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	6 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 647	41 KB
2	bc0a.com cdn.bc0a.com — Cisco Umbrella Rank: 13180 ixfd2-api.bc0a.com — Cisco Umbrella Rank: 18017	15 KB
2	vicone.com documents.vicone.com	994 B
2	cludo.com customer.cludo.com — Cisco Umbrella Rank: 14868	77 KB
1	akstat.io 173bf10e.akstat.io — Cisco Umbrella Rank: 23307	228 B
1	mktoresp.com 945-cxd-062.mktoresp.com — Cisco Umbrella Rank: 597175	318 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 482	703 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1410	448 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 882	394 B
1	t.co t.co — Cisco Umbrella Rank: 717	375 B
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 8751	22 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 801	15 KB
1	bizographics.com sjs.bizographics.com — Cisco Umbrella Rank: 42248	17 KB
1	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4919	2 KB
0	rlcdn.com Failed id.rlcdn.com Failed
195	31

	Domain	Requested by
36	www.trendmicro.com	1 redirects visit.trendmicro.com www.trendmicro.com
33	widget.equally.ai	tags.tiqcdn.com www.trendmicro.com widget.equally.ai
30	documents.trendmicro.com	www.trendmicro.com
16	tags.tiqcdn.com	www.trendmicro.com
9	www.google-analytics.com	www.trendmicro.com tags.tiqcdn.com www.google-analytics.com www.googletagmanager.com
9	trendmicro.scene7.com	www.trendmicro.com
8	b.6sc.co	www.trendmicro.com
4	api.equally.ai	www.trendmicro.com
4	px.ads.linkedin.com	2 redirects www.trendmicro.com
4	www.googletagmanager.com	www.trendmicro.com tags.tiqcdn.com www.googletagmanager.com www.google-analytics.com
3	static.addtoany.com	tags.tiqcdn.com static.addtoany.com www.trendmicro.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.trendmicro.com
2	api.company-target.com	www.trendmicro.com
2	epsilon.6sense.com	www.trendmicro.com
2	stats.g.doubleclick.net	www.trendmicro.com
2	munchkin.marketo.net	tags.tiqcdn.com munchkin.marketo.net
2	documents.vicone.com	www.trendmicro.com
2	customer.cludo.com	www.trendmicro.com
1	173bf10e.akstat.io	s.go-mpulse.net
1	945-cxd-062.mktoresp.com	munchkin.marketo.net
1	pixel.quantserve.com	www.trendmicro.com
1	s.company-target.com	www.trendmicro.com
1	www.linkedin.com	1 redirects
1	ipv6.6sc.co	www.trendmicro.com
1	c.6sc.co	www.trendmicro.com
1	secure.adnxs.com	www.trendmicro.com
1	rules.quantcount.com	secure.quantserve.com
1	analytics.twitter.com	www.trendmicro.com
1	t.co	www.trendmicro.com
1	c.go-mpulse.net	www.trendmicro.com
1	scripts.demandbase.com	tags.tiqcdn.com
1	secure.quantserve.com	tags.tiqcdn.com
1	j.6sc.co	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	resources.trendmicro.com	tags.tiqcdn.com
1	sjs.bizographics.com	tags.tiqcdn.com
1	s.go-mpulse.net	www.trendmicro.com
1	ixfd2-api.bc0a.com	www.trendmicro.com
1	cdn.bc0a.com	tags.tiqcdn.com
1	ajax.googleapis.com	www.trendmicro.com
1	cdn.datatables.net	www.trendmicro.com
1	visit.trendmicro.com
0	id.rlcdn.com Failed	www.trendmicro.com
195	44

This site contains links to these domains. Also see Links.

Domain
vicone.com
www.zerodayinitiative.com
community-trendmicro.force.com
trendmicro.my.site.com
newsroom.trendmicro.com
resources.trendmicro.com
success.trendmicro.com
trendmicro.com
signin.v1.trendmicro.com
cloudone.trendmicro.com
tm.login.trendmicro.com
signup.cj.com
www.facebook.com
twitter.com
plus.google.com
www.linkedin.com
documents.trendmicro.com
ipdefenseforum.com
www.bleepingcomputer.com
www.webroot.com
www.cybereason.com
www.kiteworks.com
techcrunch.com
cve.mitre.org
www.microsoft.com
malpedia.caad.fkie.fraunhofer.de
www.hornetsecurity.com
www.zdnet.com
securityaffairs.co
therecord.media
www.theregister.com
www.progress.com
www.infosecurity-magazine.com
community.progress.com
www.aha.org
thehackernews.com
www.instagram.com
www.youtube.com
www.trendmicro.cz

Subject Issuer	Validity	Valid
visit.trendmicro.com Cloudflare Inc ECC CA-3	`2024-03-07` - `2024-12-31`	10 months	crt.sh
www.trendmicro.com Entrust Certification Authority - L1M	`2023-05-20` - `2024-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.cludo.com AlphaSSL CA - SHA256 - G4	`2023-06-01` - `2024-07-02`	a year	crt.sh
datatables.net GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.scene7.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
vicone.com Entrust Certification Authority - L1K	`2024-04-11` - `2025-05-10`	a year	crt.sh
documents.trendmicro.com Entrust Certification Authority - L1K	`2024-02-15` - `2025-03-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cdn.bc0a.com GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
ixfd-api.bc0a.com GTS CA 1D4	`2024-04-22` - `2024-07-21`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2023-08-10` - `2024-08-09`	a year	crt.sh
resources.trendmicro.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
quantserve.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
static.addtoany.com E1	`2024-04-23` - `2024-07-22`	3 months	crt.sh
equally.ai Amazon RSA 2048 M03	`2024-04-05` - `2025-05-03`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Frame ID: 343B0A10A83F7E20997CEB347800F815
Requests: 160 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: A942C4A81D66A413DCBDC78224716F0D
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 768E0913C1381AF20A9DDF023CF86A02
Requests: 1 HTTP requests in this frame

Frame: https://widget.equally.ai/equallyai-widget.css
Frame ID: 0EA7F9312A683F4FD64F94B708959EA4
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware Spotlight: Clop - Security News - Trend Micro SG

Page URL History Show full URLs

https://visit.trendmicro.com/OTQ1LUNYRC0wNjIAAAGS17eE6yuGJpyCCE86wVIIIJ_gAc_DTHtjoYCJcsGjJL3wheR0sLNixjYt... Page URL
https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_to... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

195
Requests

98 %
HTTPS

0 %
IPv6

31
Domains

44
Subdomains

39
IPs

6
Countries

4128 kB
Transfer

8648 kB
Size

41
Cookies

70 Outgoing links

These are links going to different origins than the main page.

URL: https://vicone.com/en
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/about/
Title: Zero Day Initiatives (ZDI)

Search URL Search Domain Scan URL

URL: https://community-trendmicro.force.com/Gpartner/s/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://trendmicro.my.site.com/Gpartner/s/partner-locator?language=en_US
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://newsroom.trendmicro.com/
Title: Latest News

Search URL Search Domain Scan URL

URL: https://resources.trendmicro.com/GLB-Under-Attack-Form.html
Title: Under Attack?

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/dcx/s/?language=en_US
Title: Business Support Portal

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/community/s
Title: Business Community

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/dcx/s/threat?language=en_US
Title: Virus and Threat Help

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/dcx/s/contactus
Title: Contact Support

Search URL Search Domain Scan URL

URL: http://trendmicro.com/public-cloud-risk-assessment
Title: Cloud Health Assessment

Search URL Search Domain Scan URL

URL: https://signin.v1.trendmicro.com/
Title: Vision One

Search URL Search Domain Scan URL

URL: https://community-trendmicro.force.com/Gpartner/s/login/?language=en_US&ec=302&startURL=%2FGpartner%2Fs%2F
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://cloudone.trendmicro.com/
Title: Cloud One

Search URL Search Domain Scan URL

URL: https://tm.login.trendmicro.com/simplesaml/saml2/idp/SSOService.php
Title: Product Activation and Management

Search URL Search Domain Scan URL

URL: https://signup.cj.com/member/signup/publisher/?cid=1867119#/branded?_k=xaeu3t
Title: Referral Affiliate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop&text=Ransomware%20Spotlight:%20Clop&tw_p=tweetbutton&url=https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=Ransomware%20Spotlight:%20Clop%20https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop&title=Ransomware%20Spotlight:%20Clop&summary=Ransomware%20Spotlight:%20Clop
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/rs-Clop-Infographic-C1jGKfj.jpg

Search URL Search Domain Scan URL

URL: https://ipdefenseforum.com/2021/08/south-korean-police-help-take-down-cyber-threat-in-ukraine/
Title: huge payouts estimated at US$500 million as of November 2021

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/clop-ransomware-is-back-in-business-after-recent-arrests/
Title: Reports

Search URL Search Domain Scan URL

URL: https://www.webroot.com/blog/2016/07/22/about-cryptomix-ransomware/
Title: CryptoMix

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/cl0p-ransomware-gang-tries-to-topple-the-house-of-cards
Title: a Russian-speaking group

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/solution/000283514
Title: web shell

Search URL Search Domain Scan URL

URL: https://www.kiteworks.com/sites/default/files/resources/accellion-company-overview.pdf
Title: attacks on Kiteworks

Search URL Search Domain Scan URL

URL: https://techcrunch.com/2020/04/27/execupharm-clop-ransomware/
Title: pharmaceutical company

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/clop-gang-exploiting-solarwinds-serv-u-flaw-in-ransomware-attacks/
Title: SolarWinds

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35211#:~:text=Microsoft%20discovered%20a%20remote%20code,machine%20hosting%20Serv%2DU%20Only.
Title: CVE-2021-35211

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/marine-services-provider-swire-pacific-offshore-hit-by-ransomware/
Title: Clop breached its IT systems

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2022/10/27/raspberry-robin-worm-part-of-larger-ecosystem-facilitating-pre-ransomware-activity/
Title: reported

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/actor/fin11
Title: FIN11 (aka TA505),

Search URL Search Domain Scan URL

URL: https://www.hornetsecurity.com/en/security-information/clop-clop-ta505-html-malspam-analysis/?_adin=11551547647
Title: delivery of the Clop malware as the final stage of its payload

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/solution/1123301-flawedammyy-malware-information#:~:text=FlawedAmmyy%20is%20a%20remote%20access,on%20leaked%20Ammyy%20Admin%20software.&text=Upon%20infection%2C%20the%20RAT%20can,Capture%20screenshots
Title: FlawedAmmyy

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/some-ransomware-gangs-are-going-after-top-execs-to-pressure-companies-into-paying/
Title: top executives

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/116029/cyber-crime/clop-ransomware-extortion.html
Title: customers

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/accellion-data-breaches-drive-up-average-ransom-price/
Title: pulled up the average ransom payments for the first quarter of 2021

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/clop-ransomware-gang-begins-extorting-goanywhere-zero-day-victims/
Title: Fortra GoAnywhere MFT vulnerability

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/exploit-released-for-actively-exploited-goanywhere-mft-zero-day/
Title: proof-of-concept code

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/microsoft-clop-and-lockbit-ransomware-behind-papercut-server-hacks/
Title: attributed

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/
Title: Trend Micro's Zero Day Initiative (ZDI),

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/advisories/ZDI-23-233/
Title: ZDI-23-233.

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/microsoft-notorious-fin7-hackers-return-in-clop-ransomware-attacks/
Title: FIN7 (aka Sangria Tempest)

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1665537730946670595
Title: continuously exploited

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34362
Title: CVE-2023-24362

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35036
Title: CVE-2023-35036

Search URL Search Domain Scan URL

URL: https://therecord.media/shell-impacted-in-clop-ransomware-attack
Title: private

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2023/06/15/clop_broke_into_the_doe/
Title: public organizations

Search URL Search Domain Scan URL

URL: https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability
Title: deploy

Search URL Search Domain Scan URL

URL: https://www.infosecurity-magazine.com/news/clop-ransom-gang-big-names-moveit/
Title: noted

Search URL Search Domain Scan URL

URL: https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023
Title: security gap

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/dcx/s/solution/000293538?language=en_US
Title: surfaced in June

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/Figure-3WIOEYnc.png

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure4-RKcMycE.png

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure5-EDYDb76.png

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure6-mQFtQw2.png

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure7-qpCv1Wy.png

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-Fig-4-SxnXSXE.jpg

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-Fig-5-l8cf3OV.jpg

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-Fig-6-ytyWSYF.jpg

Search URL Search Domain Scan URL

URL: https://www.aha.org/system/files/media/file/2021/02/h-isac-tlp-white-bulletin-cisa-notifies-exploitation-accellion-file-transfer-appliance-2-24-21.pdf
Title: Kiteworks FTA zero-day exploits

Search URL Search Domain Scan URL

URL: https://thehackernews.com/2020/06/SMBleed-smb-vulnerability.html
Title: Server Message Block (SMB) vulnerabilities

Search URL Search Domain Scan URL

URL: https://documents.trendmicro.com/images/TEx/articles/Indicators_of_Compromise_(IOC)_-_Clop_Ransomware-vwbhYHm.txt
Title: here

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/trend-micro/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TrendMicro/

Search URL Search Domain Scan URL

URL: https://twitter.com/trendmicro

Search URL Search Domain Scan URL

URL: https://www.instagram.com/trendmicro/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TrendMicroInc

Search URL Search Domain Scan URL

URL: http://www.trendmicro.cz/
Title: Česká Republika

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://visit.trendmicro.com/OTQ1LUNYRC0wNjIAAAGS17eE6yuGJpyCCE86wVIIIJ_gAc_DTHtjoYCJcsGjJL3wheR0sLNixjYt9TSaYcoWsKuAXG4= Page URL
https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D46043%26time%3D1714644715471%26url%3Dhttps%253A%252F%252Fwww.trendmicro.com%252Fvinfo%252Fsg%252Fsecurity%252Fnews%252Fransomware-spotlight%252Fransomware-spotlight-clop%253Fmkt_tok%253DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&cookiesTest=true&liSync=true

Request Chain 190

https://www.trendmicro.com/favicon.ico HTTP 301
https://www.trendmicro.com/content/dam/trendmicro/favicon.ico

195 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 OTQ1LUNYRC0wNjIAAAGS17eE6yuGJpyCCE86wVIIIJ_gAc_DTHtjoYCJcsGjJL3wheR0sLNixjYt9TSaYcoWsKuAXG4=
visit.trendmicro.com/ 594 B
1 KB 427ms
310ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visit.trendmicro.com/OTQ1LUNYRC0wNjIAAAGS17eE6yuGJpyCCE86wVIIIJ_gAc_DTHtjoYCJcsGjJL3wheR0sLNixjYt9TSaYcoWsKuAXG4=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-Fiz8sLIvfDQc5nPuaF95xJjMdtjRG9fLBOkHZsmSZ0k=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 87d73ac3ee74e3d7-TLV
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-Fiz8sLIvfDQc5nPuaF95xJjMdtjRG9fLBOkHZsmSZ0k=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Thu, 02 May 2024 10:11:51 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 8cf6105518a6fff8

GET
H2 200 Primary Request ransomware-spotlight-clop Show response
www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ 254 KB
46 KB 1725ms
1436ms Document
text/html 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy

Requested by

Host: visit.trendmicro.com
URL: https://visit.trendmicro.com/OTQ1LUNYRC0wNjIAAAGS17eE6yuGJpyCCE86wVIIIJ_gAc_DTHtjoYCJcsGjJL3wheR0sLNixjYt9TSaYcoWsKuAXG4=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

db6b4059b1420479d12e3711345ee96686dd7baae91b16c22fe3831ea8f54c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://visit.trendmicro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=844
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 10:11:53 GMT
server: nginx
server-timing: cdn-cache; desc=MISS edge; dur=291 origin; dur=1020 ak_p; desc="1714644711568_386904740_115906927_131129_10177_57_175_255";dur=1
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-akamai-transformed: 9 44573 0 pmb=mRUM,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-prod-n-01: Yes
x-xss-protection: 1;mode=block

GET
H2 200 jquery.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 111 KB
34 KB 219ms
209ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

5e22ea5c930abbc085ab76916ce30cff31ab7aefc38bcb7dc1158b3c500303d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Mon, 01 Apr 2024 08:55:36 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713228_386904740_115908788_41_9468_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 34015
x-xss-protection: 1;mode=block

GET
H2 200 utils.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 10 KB
4 KB 251ms
241ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Mon, 15 Apr 2024 07:54:08 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713238_386904740_115908789_1002_12297_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 3224
x-xss-protection: 1;mode=block

GET
H2 200 granite.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/ 4 KB
2 KB 253ms
243ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Mon, 08 Apr 2024 13:08:02 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713228_386904740_115908790_44_9399_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 1422
x-xss-protection: 1;mode=block

GET
H2 200 analytics.js Show response
www.trendmicro.com/vinfo/js/ 451 B
659 B 258ms
249ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/js/analytics.js?v1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3807e44914c34f9e293702693b49039f774b1eef7798a0fa8dfbb3c1992e32dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1714644713229_386904740_115908791_222_9325_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 240
x-xss-protection: 1;mode=block
last-modified: Tue, 16 Apr 2024 06:47:31 GMT
server: Akamai Resource Optimizer
etag: "cee15a297c86d21:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=421129
accept-ranges: bytes
expires: Tue, 07 May 2024 07:10:42 GMT

GET
H2 200 TEx-v23-1-1.css
www.trendmicro.com/vinfo/css/ 92 KB
14 KB 152ms
143ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/css/TEx-v23-1-1.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c941a6979bbb1fce9ffa2a04a483436d1d8d3a0990556772d83af7c333ac43cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=14, ak_p; desc="1714644713228_386904740_115908787_1454_9423_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 14067
x-xss-protection: 1;mode=block
last-modified: Sun, 07 Apr 2024 13:30:57 GMT
server: Akamai Resource Optimizer
etag: W/"3aa139cc2d3cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=172800
expires: Sat, 04 May 2024 10:11:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 369ms
122ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

90b024f2bb6ac5bf0a8a77160406044bc6e6549fbf7717a88af8e82023d9fa62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 10:06:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 10:11:53 GMT

GET
H2 200 font-awesome.min.css
www.trendmicro.com/vinfo/sg/css/ 30 KB
6 KB 161ms
151ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/sg/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713229_386904740_115908792_87_9263_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 5627
x-xss-protection: 1;mode=block
last-modified: Thu, 11 Apr 2024 06:27:39 GMT
server: Akamai Resource Optimizer
etag: W/"b991729010e5d71:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=172800
expires: Sat, 04 May 2024 10:11:53 GMT

GET
H2 200 cludo-search.min.css
customer.cludo.com/css/296/1798/ 16 KB
3 KB 364ms
122ms Stylesheet
text/css 104.22.28.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.cludo.com/css/296/1798/cludo-search.min.css
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.28.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676e66eeb5e721df2e68029d518067cece19d56d7e0b4a1c9a2e3c449a232bca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 10:55:26 GMT
server: cloudflare
age: 19863
etag: W/"0238c4e6e55d81:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 87d73ad31fdebb59-FRA
alt-svc: h3=":443"; ma=86400
x-lb: 2

GET
H2 200 vendor.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/ 93 KB
12 KB 164ms
155ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

46c4c0628d61cf6aa41dedacdd3e15fd9e3e6234a3b9a18b4b69ff9d9c5842ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Thu, 25 Apr 2024 00:38:16 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713233_386904740_115908793_511_12182_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 11423
x-xss-protection: 1;mode=block

GET
H2 200 clientlibs.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/ 326 KB
29 KB 174ms
165ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

7b67b475ba0b22fcb8fb8914d2d40c55fbb6b49d8c02957fc5d49f563a615778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Thu, 18 Apr 2024 17:21:41 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713229_386904740_115908794_56_9345_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 29364
x-xss-protection: 1;mode=block

GET
H2 200 header-footer.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/ 79 KB
7 KB 214ms
205ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3d54afbb87a714b1c6d92847e2ef757d15269970178c4233303cafa1616722ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Mon, 08 Apr 2024 13:10:27 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713229_386904740_115908795_59_9225_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 6821
x-xss-protection: 1;mode=block

GET
H2 200 customSiteStyle-v23-1-1.css
www.trendmicro.com/vinfo/css/ 126 KB
18 KB 228ms
219ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/css/customSiteStyle-v23-1-1.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

086e621cfcac0a3d8f7d05e33fefd1b09cd8837c443f89c8a9bee2928cfed62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-n-02: Yes
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=16, ak_p; desc="1714644713229_386904740_115908796_1685_9305_57_0_255";dur=1
content-length: 18105
x-xss-protection: 1;mode=block
last-modified: Sun, 07 Apr 2024 14:40:55 GMT
server: Akamai Resource Optimizer
etag: W/"d896e7f5e8cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=172800
expires: Sat, 04 May 2024 10:11:53 GMT

GET
H2 200 icon-font.css
www.trendmicro.com/vinfo/css/tm-icons/ 22 KB
3 KB 258ms
249ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/css/tm-icons/icon-font.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b4585d273cb4bfd228dfaede65217a0a8918615301c89a0f80fc4c4787215c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713279_386904740_115908848_89_9279_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 3019
x-xss-protection: 1;mode=block
last-modified: Thu, 04 Apr 2024 23:31:16 GMT
server: Akamai Resource Optimizer
etag: W/"0cf1ffe7edbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=172800
expires: Sat, 04 May 2024 10:11:53 GMT

GET
H2 200 navigation-darkmode.css
www.trendmicro.com/vinfo/css/ 6 KB
1 KB 257ms
249ms Stylesheet
text/css 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/css/navigation-darkmode.css?v23-1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

5e5a43dfafa6b7448ffd7bac65fbc5d143ae7bc1ec9104c16900e9f294a46e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713279_386904740_115908849_68_9343_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 797
x-xss-protection: 1;mode=block
last-modified: Thu, 28 Mar 2024 23:22:47 GMT
server: Akamai Resource Optimizer
etag: W/"6797a627223cd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=172800
expires: Sat, 04 May 2024 10:11:53 GMT

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.10.16/css/ 14 KB
2 KB 365ms
128ms Stylesheet
text/css 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.16/css/jquery.dataTables.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 848785
last-modified: Fri, 19 Apr 2024 08:45:39 GMT
server: cloudflare
etag: W/"66222f33-364c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=saeCWdG4r7sfdLMk741I6%2FvtMg%2FyvOGQix3EW5WYSLCCh1knHphFnNFBqzhLQ3bZVAE0s2eftLIrXAzMxJCIspxyoZZFW7UPsfHBZnalPPOksKgsD1oY%2FEt54%2FZ9u2VC2%2BVY%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
cf-ray: 87d73ad31b748edb-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 668 B
1 KB 376ms
114ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4dc85d3a527083702be8eb34c8342dfd007efa82147e4101a008f17530ddbcd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9xRl8MX0nxMAMSv866A_S.g8gvjn814I
date: Thu, 02 May 2024 10:11:31 GMT
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 668
last-modified: Fri, 26 Apr 2024 07:45:26 GMT
server: AmazonS3
etag: "2f14633a75e3321cbc5f8ae93d443bcc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: f-XXroRrfcQNP-OHs3uvmUw78CSUQGvowxgyodRW3ySip4N6sS8zvQ==

GET
H2 200 rssfeedgetter2017.js Show response
www.trendmicro.com/vinfo/sg/js/ 5 KB
2 KB 324ms
318ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/sg/js/rssfeedgetter2017.js?v=1.0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

aa0fb12210395609982a73f34b179f54280417eb48f18497e9b6a964569c27a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1714644713279_386904740_115908850_222_9312_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 1748
x-xss-protection: 1;mode=block
last-modified: Sun, 21 Apr 2024 01:09:52 GMT
server: Akamai Resource Optimizer
etag: "cde5f7f753b7d21:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=323332
accept-ranges: bytes
expires: Mon, 06 May 2024 04:00:45 GMT

GET
H2 200 tm-logo-red-new-navigation.svg
www.trendmicro.com/content/dam/trendmicro/global/en/core/images/logos/ 5 KB
3 KB 256ms
250ms Image
image/svg+xml 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/core/images/logos/tm-logo-red-new-navigation.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4c38452d4117e2bb77829601aca27ac6584ebdf4d42ce505c0f7b1ae0f933147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713279_386904740_115908851_46_9383_57_0_182";dur=1
content-length: 2173
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 13:39:20 GMT
server: nginx
etag: W/"154e-61417b7c4cd53"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=718
accept-ranges: bytes
expires: Thu, 02 May 2024 10:23:51 GMT

GET
H2 200 trend-vision-one-laptop-console-nav.svg
www.trendmicro.com/content/dam/trendmicro/global/en/core/images/console-images/navigation/ 529 KB
381 KB 257ms
251ms Image
image/svg+xml 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/core/images/console-images/navigation/trend-vision-one-laptop-console-nav.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d50a796a476b1fcf5c96954fd3576ff056c278490683dce6f1504a9ded73edc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: gzip
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713279_386904740_115908852_53_9338_57_0_182";dur=1
x-prod-n-01: Yes
content-length: 389784
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 16:27:04 GMT
server: nginx
etag: "8428e-6141a0fa05c46"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=851
accept-ranges: bytes
expires: Thu, 02 May 2024 10:26:04 GMT

GET
H2 200 asrm-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 10 KB
10 KB 733ms
274ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/asrm-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

d460644b622022d9683784e06ccc45c6e864076a7a4e118d21f3037ecee1e114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Wed, 04 Jan 2023 02:43:26 GMT
server: Unknown
akamai-grn: 0.a7962a17.1714644714.4f2d571b
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "9de359e8cdedfd36c0d7b85043d67eeb"
x-adobe-assetlist: QlpoOTFBWSZTWXWqKgQAAAGTgAACgAouZ5wAIAAih6jTRg1ChppgAZYQojzNFvCnA3RgB2Kn4u5IpwoSDrVFQIA=
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 10094
expires: Thu, 02 May 2024 16:48:26 GMT

GET
H2 200 xdr-product-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 12 KB
13 KB 661ms
287ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

99c5c8d1040d32b66101e0927cb5c7c5bad06cc808fd6a4da553cb016d067563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.a7962a17.1714644714.4f2d571c
x-adobe-assetlist: QlpoOTFBWSZTWSzIeOkAAAITgAACgAoOZ95AIAAxTJiZBkYUGTQMGpD6ZCPsuEfgkoW50OJVGIEuNhB8XckU4UJAsyHjpA==
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 12440
-x-adobe-assetlist: [trendmicro/xdr-product-console-shot]
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "43fed6cdf7b9dd8837ae00c4a12658b9"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 May 2024 19:55:27 GMT

GET
H2 200 cloud-one-container-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 16 KB
17 KB 515ms
389ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-container-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

70bb4dee8d5a8c4da670a1f6cdb4ed1de106409a3a627f8cb134a8733e4d1fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.a7962a17.1714644714.4f2d571f
x-adobe-assetlist: QlpoOTFBWSZTWc9xaQ0AAAKTgAACgAouZ54AIAAxTTIxMTEGqekZkm0empyIbj0HcSqB1ZIzRPumGYlwpg/X3llbou5IpwoSGe4tIaA=
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 16574
-x-adobe-assetlist: [trendmicro/cloud-one-container-console-shot]
last-modified: Wed, 04 Jan 2023 02:43:25 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "49221504cd032070baf66a9d63ed7267"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 May 2024 17:13:57 GMT

GET
H2 200 cloud-one-file-storage-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 7 KB
7 KB 564ms
439ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-file-storage-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

060de6fa0e8fb084932b15dd1264aa0fb4000d857c5feab8e6a8f1cfec5cd01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
akamai-grn: 0.a7962a17.1714644714.4f2d5720
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "c09c2ed99b57f3b4f4322a1744b8e96a"
x-adobe-assetlist: QlpoOTFBWSZTWaHvYKkAAAMTgAACgAov554AIAAiJpPU9qjRtGahTCaaA0xAgVNPUgQa0soHgmo+qZZMeYfZyOm7hWBvwXckU4UJCh72CpA=
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 7066
expires: Thu, 02 May 2024 19:55:27 GMT

GET
H2 200 sps-mobile-security-enterprise-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 12 KB
13 KB 494ms
368ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/sps-mobile-security-enterprise-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

8dd7b21967e3bbcd7aac40d2cc5cc1314370c348d74bbbca10216c64b4234c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.a7962a17.1714644714.4f2d571e
x-adobe-assetlist: QlpoOTFBWSZTWXsmWcsAAAMTgAACgAoeZ94gIABUUwmmgNMQinpphTajYQvKwELeE/OVgBtGKtmHupZyE1aayT3xGL5wi+DNlz8XckU4UJB7JlnL
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 12596
-x-adobe-assetlist: [trendmicro/sps-mobile-security-enterprise-console-shot]
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "5653c722a7ef668ba46b9d3273e42de4"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 May 2024 19:55:27 GMT

GET
H2 200 zero-trust-access-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 16 KB
17 KB 466ms
341ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/zero-trust-access-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

516203c172e11d56f5b125558bafba7554132a322e3564d2a6a7a1aee2db075e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.a7962a17.1714644714.4f2d571d
x-adobe-assetlist: QlpoOTFBWSZTWRRgqYoAAAKTgAACgAouZ54QIAAxTJiZBkYRGmI0aaYkQvgyR6UW88UjS0OOQNJdMCXWOiWk3XxdyRThQkBRgqYo
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 16720
-x-adobe-assetlist: [trendmicro/zero-trust-access-console-shot]
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "4ea9b74bcd21fece5de3fa1ebe57ed16"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 May 2024 14:52:19 GMT

GET
H2 200 email-security-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 15 KB
16 KB 444ms
443ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/email-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

9de89a0507d903a1a20cae731d14020f13d828fa82d05a2b748b1d8e62e644d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
akamai-grn: 0.a7962a17.1714644714.4f2d5721
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "1cb4ca19e1fc30d76ac9faa68e04185e"
x-adobe-assetlist: QlpoOTFBWSZTWRAIvj0AAAITgAACgAouZ54gIAAxTJiZBkYUNDIaegk92DgGNMkdi6AkXb2vg3gSTUZJXJ/F3JFOFCQEAi+PQA==
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 15814
expires: Thu, 02 May 2024 14:55:10 GMT

GET
H2 200 all-products-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 41 KB
42 KB 459ms
459ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/all-products-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-167.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

c35684d84fc5b1b0f68463362669810b17bf94a9de0bc053000f9c3f66bcc880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Mon, 27 Mar 2023 00:57:09 GMT
server: Unknown
akamai-grn: 0.a7962a17.1714644714.4f2d5722
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "e88f8f7c1b7fe0eed8bbb848a2525f00"
x-adobe-assetlist: QlpoOTFBWSZTWQAjRP8AAAITgAACgAouZ94AIAAxTJiZBkYUND1NNMmI6GwgBZcHKQWGdiFA8L4puS7nSfF3JFOFCQACNE/w
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 42446
expires: Thu, 02 May 2024 13:45:24 GMT

GET
H2 200 search-script.js Show response
customer.cludo.com/scripts/bundles/ 420 KB
74 KB 138ms
130ms Script
application/javascript 104.22.28.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.cludo.com/scripts/bundles/search-script.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.28.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3765e6b208eada55a4c419461df2b40b359b18bfd5e5182490d0bb08d102a6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 19:06:28 GMT
server: cloudflare
age: 89
etag: W/"01279827a96da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 87d73ad56a48bb59-FRA
alt-svc: h3=":443"; ma=86400
x-lb: 4

GET
H2 200 twitter-X-logo-01ITqorvT.svg
documents.vicone.com/images/icons/ 502 B
994 B 348ms
110ms Image
image/svg+xml 143.204.98.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://documents.vicone.com/images/icons/twitter-X-logo-01ITqorvT.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-120.fra50.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

36dddcbd8045ce061726b0f8194e1a582de23d473ed771928caeb0ec85ecb93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 06:25:48 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA50-C1
age: 13701
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 502
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Sep 2023 05:42:07 GMT
server: Microsoft-IIS/10.0
etag: "90747de3be5d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: QJyA_K8qToWc32za2ddCr5P3l6CLonXjFvy_zs4FKE7o5gs9Njgp5A==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
572 B 127ms
120ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

5deb6f9cade54812153e467832fe3c01d0e81b8ae0a4039e9c234b161b9025c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 10:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 10:11:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
722 B 136ms
129ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cairo:wght@900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

b7e3cad8e5b56efa52cdff5b6f68e15bebba0adb0fabc1c290fade72df119a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 10:11:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 10:11:53 GMT

GET
H/1.1 200
OK Ransomware-spotlight-logo-01ywrGnbZ.svg
documents.trendmicro.com/images/TEx/svg/ 72 KB
72 KB 991ms
272ms Image
image/svg+xml 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/svg/Ransomware-spotlight-logo-01ywrGnbZ.svg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f337adbe68c49f832f3a8c224fa5d9028e678deba5e21de873847667bbb7dee8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Fri, 26 Nov 2021 01:42:41 GMT
Server: Microsoft-IIS/10.0
ETag: "5192e4e666e2d71:0"
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 73365

GET
H/1.1 200
OK clop-infographic-thumbnail-F2hGRmt.jpg
documents.trendmicro.com/images/TEx/articles/ 90 KB
90 KB 1297ms
280ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/clop-infographic-thumbnail-F2hGRmt.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a46caed64b8d6851b646a34bcf387c7983d2d1145edd009fd0e110ab1cdab86a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Fri, 16 Jun 2023 11:14:23 GMT
Server: Microsoft-IIS/10.0
ETag: "ee4d84b443a0d91:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 91661

GET
H/1.1 200
OK Figure-2PNtVrV6.png
documents.trendmicro.com/images/TEx/ 25 KB
25 KB 1017ms
278ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/Figure-2PNtVrV6.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10846c3ec731a4e370609caca1b0bac59c4c7f980b772a66a613586fa9737294

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Thu, 22 Jun 2023 01:57:38 GMT
Server: Microsoft-IIS/10.0
ETag: "9b662fecaca4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 25488

GET
H/1.1 200
OK Figure-3WIOEYnc.png
documents.trendmicro.com/images/TEx/ 25 KB
25 KB 1007ms
273ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/Figure-3WIOEYnc.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3f966d376e56d597d0073d7830342450dd2da7cfd3b07da8304dcbe3cd1a467

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Fri, 16 Jun 2023 10:00:06 GMT
Server: Microsoft-IIS/10.0
ETag: "c85b985339a0d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 25367

GET
H/1.1 200
OK Figure-1iXEASb2.png
documents.trendmicro.com/images/TEx/ 13 KB
13 KB 1010ms
279ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/Figure-1iXEASb2.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39bf39903f13015be8d51881021b517dcdce30b4c5b04475fb4af87b53f635a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Fri, 16 Jun 2023 10:15:57 GMT
Server: Microsoft-IIS/10.0
ETag: "53d67e8a3ba0d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13453

GET
H/1.1 200
OK rs-clop-Figure4-RKcMycE.png
documents.trendmicro.com/images/TEx/articles/ 17 KB
18 KB 274ms
272ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure4-RKcMycE.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac3864489917666fbecfffece8e244b564f0b4c7304e68314802ba361d8943f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Wed, 21 Jun 2023 06:22:35 GMT
Server: Microsoft-IIS/10.0
ETag: "b7413c58a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17866

GET
H/1.1 200
OK rs-clop-Figure5-EDYDb76.png
documents.trendmicro.com/images/TEx/articles/ 27 KB
27 KB 306ms
305ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure5-EDYDb76.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 23a05fbeb2200993b6bf590f2b18009098cc27fbe7e9bb10b79f8b8bb85e1a42

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Wed, 21 Jun 2023 06:22:29 GMT
Server: Microsoft-IIS/10.0
ETag: "d886dc18a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27655

GET
H/1.1 200
OK rs-clop-Figure6-mQFtQw2.png
documents.trendmicro.com/images/TEx/articles/ 17 KB
17 KB 292ms
291ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure6-mQFtQw2.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f7ab9ca81421d398f3d09903b4585a4dd82e56012a47f22f9e8182d99c3617b6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Wed, 21 Jun 2023 06:22:45 GMT
Server: Microsoft-IIS/10.0
ETag: "2652c9ca8a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17436

GET
H/1.1 200
OK rs-clop-Figure7-qpCv1Wy.png
documents.trendmicro.com/images/TEx/articles/ 26 KB
26 KB 297ms
294ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/rs-clop-Figure7-qpCv1Wy.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02d1ebb44f6539e6642f55937b85bfacc624b5f21d7a6c1a53939f3bbc9deb61

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Wed, 21 Jun 2023 06:23:11 GMT
Server: Microsoft-IIS/10.0
ETag: "10edaeda8a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 26402

GET
H/1.1 200
OK RS-Clop-Fig-4-SxnXSXE.jpg
documents.trendmicro.com/images/TEx/articles/ 65 KB
65 KB 285ms
285ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-Fig-4-SxnXSXE.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0840fffbb26eb090245d3b943b6f04e48f8bf7c472d3cdc49492a73dc0e8ca23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Thu, 17 Feb 2022 10:14:16 GMT
Server: Microsoft-IIS/10.0
ETag: "6289bd1ee723d81:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 66728

GET
H/1.1 200
OK RS-Clop-Fig-5-l8cf3OV.jpg
documents.trendmicro.com/images/TEx/articles/ 50 KB
50 KB 315ms
309ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-Fig-5-l8cf3OV.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c310cdd062c775c861a51f3a5c1ed9cd381622cdbb938c3a62be59341ef066af

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Wed, 16 Feb 2022 11:47:14 GMT
Server: Microsoft-IIS/10.0
ETag: "4175cef02a23d81:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 51243

GET
H/1.1 200
OK RS-Clop-Fig-6-ytyWSYF.jpg
documents.trendmicro.com/images/TEx/articles/ 65 KB
65 KB 270ms
267ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-Fig-6-ytyWSYF.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 136a1a4d5684cba1f04b04946a0f443af3a3b7abb4abde946fc0705ae489ccc9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Wed, 16 Feb 2022 13:07:32 GMT
Server: Microsoft-IIS/10.0
ETag: "489a99283623d81:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 66712

GET
H/1.1 200
OK 20220905094136707-867-qQdpKfL-2000.jpg
documents.trendmicro.com/images/TEx/articles/ 223 KB
223 KB 313ms
303ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/20220905094136707-867-qQdpKfL-2000.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 89f5e612d1be23c76c63b9047ca4b649eaca252c5303d6ac4d15b63573330c71

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Mon, 05 Sep 2022 09:41:38 GMT
Server: Microsoft-IIS/10.0
ETag: "c059fcb1bc1d81:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 228075

GET
H/1.1 200
OK observability-exposed-thumbxmFdb4l.jpg
documents.trendmicro.com/images/TEx/articles/ 111 KB
111 KB 295ms
293ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/observability-exposed-thumbxmFdb4l.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0c690d682e9c95dd694a0dc7e4397c4cc377a602c7e8cd76be2178e593890ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Wed, 20 Mar 2024 06:43:25 GMT
Server: Microsoft-IIS/10.0
ETag: "ff26efe8917ada1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 113339

GET
H/1.1 200
OK ransomware-btn-2h-2023-main-img-8003eNLXZB.webp
documents.trendmicro.com/images/TEx/articles/ 67 KB
68 KB 288ms
287ms Image
image/webp 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/ransomware-btn-2h-2023-main-img-8003eNLXZB.webp
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6790b63978d18c3003182620fadbd97236bf2ff6c3741911e61ea20df4ffb4af

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Thu, 21 Mar 2024 05:34:04 GMT
Server: Microsoft-IIS/10.0
ETag: "b8c563517bda1:0"
X-Powered-By: ASP.NET
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 69066

GET
H/1.1 200
OK 20221104085826974-905-AAJYBcI-800.jpg
documents.trendmicro.com/images/TEx/articles/ 23 KB
23 KB 276ms
261ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/20221104085826974-905-AAJYBcI-800.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c98bce22c29bde98d9e0d64e0ade97b9a86b3f419107643902eda5bc0aa0a8c4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 04 Nov 2022 08:58:27 GMT
Server: Microsoft-IIS/10.0
ETag: "3eff879a2bf0d81:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23463

GET
H/1.1 200
OK Predictions-2024-banner-1000-wTiPPcH.webp
documents.trendmicro.com/images/TEx/articles/ 91 KB
91 KB 299ms
298ms Image
image/webp 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/Predictions-2024-banner-1000-wTiPPcH.webp
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 350b392ec44d00b6b789b546ce78ee429e6ea703c701fa916d3652cf315b6614

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Tue, 28 Nov 2023 09:21:09 GMT
Server: Microsoft-IIS/10.0
ETag: "3580de38dc21da1:0"
X-Powered-By: ASP.NET
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 93122

GET
H/1.1 200
OK calibrating-expansion-thumb-main-MDMlRXK.jpg
documents.trendmicro.com/images/TEx/articles/ 235 KB
236 KB 271ms
269ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/calibrating-expansion-thumb-main-MDMlRXK.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a1b21f08b61e062f9814fda28c782d6b354fdf5f85d9686395c312d93e7ffe13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:56 GMT
Last-Modified: Tue, 19 Mar 2024 06:33:36 GMT
Server: Microsoft-IIS/10.0
ETag: "3b8f755fc779da1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 241033

GET
H2 200 clientLibs.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/ 840 B
671 B 133ms
126ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/clientLibs.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

898241655767777d954a01288720b8487c6bfcaf831a0243b1e19a5cc67906a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
last-modified: Tue, 23 Apr 2024 04:02:32 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713820_386904740_115909548_34_12089_61_0_182";dur=1
x-prod-n-01: Yes
content-length: 304
x-xss-protection: 1;mode=block

GET
H2 200 customPageScripts.js Show response
www.trendmicro.com/vinfo/sg/js/ 19 KB
4 KB 186ms
180ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/sg/js/customPageScripts.js?Ver3.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

9e347c398509851d680f4e2178b74bd3f24de921bacf4bca8d73cb9564a8c98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-n-02: Yes
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713837_386904740_115909580_333_10156_61_0_182";dur=1
content-length: 3699
x-xss-protection: 1;mode=block
last-modified: Fri, 22 Mar 2024 10:31:05 GMT
server: Akamai Resource Optimizer
etag: "d38b8aabb71da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=323332
accept-ranges: bytes
expires: Mon, 06 May 2024 04:00:45 GMT

GET
H2 200 vendor.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/ 430 KB
125 KB 186ms
181ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

268dfa4007ddcf394e76cceaf431178163f3e33a2844ce9f038f7d5b5c8cf28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-n-02: Yes
last-modified: Thu, 25 Apr 2024 00:33:39 GMT
server: Akamai Resource Optimizer
date: Thu, 02 May 2024 10:11:53 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713838_386904740_115909581_299_9803_61_0_182";dur=1
content-length: 127093
x-xss-protection: 1;mode=block

GET
H2 200 clientlibs.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/ 117 KB
23 KB 196ms
190ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

ea6fd34781a3ed74fe03b32c21b77e034009af1b5442a53d369cb7209f1e7a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-n-02: Yes
last-modified: Thu, 18 Apr 2024 17:17:02 GMT
server: Akamai Resource Optimizer
date: Thu, 02 May 2024 10:11:53 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713837_386904740_115909582_263_10217_61_0_182";dur=1
content-length: 22872
x-xss-protection: 1;mode=block

GET
H2 200 header-footer.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/ 36 KB
6 KB 198ms
192ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

523e8e412693994fe6b7c57035ee70d6d0981da58428747101852ac0710fbded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-n-02: Yes
last-modified: Thu, 28 Mar 2024 13:01:06 GMT
server: Akamai Resource Optimizer
date: Thu, 02 May 2024 10:11:53 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713839_386904740_115909583_405_8659_61_0_182";dur=1
content-length: 5336
x-xss-protection: 1;mode=block

GET
H2 200 jquery.dataTables.min.js Show response
www.trendmicro.com/vinfo/cloudlink/datatables/ 80 KB
25 KB 199ms
194ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/cloudlink/datatables/jquery.dataTables.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a9c575c2bf9b9f836806dc58aa0866cb558806fc5ea1ef2f4250a8c0b1be7278

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-n-02: Yes
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713838_386904740_115909584_350_10028_61_0_182";dur=1
content-length: 24837
x-xss-protection: 1;mode=block
last-modified: Thu, 21 Mar 2024 02:26:56 GMT
server: Akamai Resource Optimizer
etag: "71114878daabd31:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=421129
accept-ranges: bytes
expires: Tue, 07 May 2024 07:10:42 GMT

GET
H2 200 jquery-ui.min.js Show response
www.trendmicro.com/vinfo/cloudlink/jqueryui/ 235 KB
53 KB 200ms
195ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/cloudlink/jqueryui/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:53 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=15, ak_p; desc="1714644713838_386904740_115909585_1702_9921_61_0_182";dur=1
x-prod-n-01: Yes
content-length: 54035
x-xss-protection: 1;mode=block
last-modified: Sun, 21 Apr 2024 01:59:43 GMT
server: Akamai Resource Optimizer
etag: "5a416511dbabd31:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=423988
accept-ranges: bytes
expires: Tue, 07 May 2024 07:58:21 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/themes/base/ 32 KB
6 KB 359ms
113ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/themes/base/jquery-ui.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

c17625547e20f91e831da065cc127ac73b17df21ea578a3a87df6baabf58d47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 14:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Apr 2025 14:37:40 GMT

GET
H2 404 token.json Show response
www.trendmicro.com/libs/granite/csrf/ 196 B
415 B 135ms
134ms XHR
text/html 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trendmicro.com/libs/granite/csrf/token.json
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-199.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: gzip
server: nginx
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1714644713492_386904740_115909103_760_11197_57_0_219";dur=1
content-length: 173
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 394ms
113ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/js/analytics.js?v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 May 2024 09:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1851
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 May 2024 11:41:03 GMT

GET
H2 200 autopilot_sdk.js Show response
cdn.bc0a.com/autopilot/f00000000017219/ 37 KB
14 KB 190ms
61ms Script
application/javascript 35.201.125.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.125.201.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8f165f985e320dc59f197fbbb490da7c547d89887457ad09dfe75599c950bc7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

x-goog-meta-marvel_enabled: false
content-security-policy: default-src 'self' 'unsafe-inline';
content-encoding: gzip
age: 161
x-guploader-uploadid: ABPtcPpbHhUCe4PsUAsXLUSVxWdy6W1vwdMJAegsQma7FgW-LKhugyHxZGkLPCS_fP328YJbAuA
x-goog-meta-sdk_canonical_host
x-goog-meta-sdk_whitelist: ixf
x-goog-stored-content-encoding: gzip
x-goog-meta-publishingdate: 2023-10-20 15:39:22
x-goog-meta-sdk_canonical_protocol
etag: "3aad08e612ecaabb32fad8e36d99578e"
vary: Accept-Encoding
x-goog-generation: 1697816362499806
content-language: en
access-control-allow-origin: *
x-goog-meta-custom: true
access-control-expose-headers: Content-Type
x-goog-meta-marvel_test_mode: false
cache-control: public, max-age=360
content-type: application/javascript
x-goog-meta-spa: false
expires: Thu, 02 May 2024 10:15:12 GMT
x-goog-meta-sdk_version: 1.5.9
date: Thu, 02 May 2024 10:09:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-goog-meta-sdk_account_id: f00000000017219
x-goog-meta-sdk_request_parameters_case_sensitive: false
x-goog-meta-marvel_config_consistency_custom: {"data-url":"dataservice.tmok.tm/tc.png,trendmicro.scene7.com,0,.66,1&qlt=80,1.0&amp","data-dropsrcset":"true","data-customerid":"f00000000017219","data-ignorepath":"uat-author.we.trendmicro.com,uat.we.trendmicro.com,prod-author.we.trendmicro.com,qa-author.we.trendmicro.com,qa.we.trendmicro.com"}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-marvel_customer_id
x-goog-metageneration: 3
x-goog-meta-sdk_log_level: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12736
x-goog-meta-content_only: false
last-modified: Fri, 20 Oct 2023 15:39:22 GMT
server: UploadServer
x-goog-hash: crc32c=x1TL3Q==, md5=Oq0I5hLsqrsy+tjjbZlXjg==
x-goog-stored-content-length: 12736
accept-ranges: bytes
x-goog-meta-disable_debug_elements: false

GET
H2 200 01637482538 Show response
ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000017219/ 8 KB
1 KB 246ms
114ms XHR
application/json 34.111.194.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000017219/01637482538?client=js_sdk&client_version=1.5.9&orig_url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&base_url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.194.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 12.194.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: 9f0f8b97bbedd536c657c8509450f8dbcc3618032ee7b22577d6d6f00f6a0e47

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-be-pop: BRU-1-301
date: Thu, 02 May 2024 10:11:51 GMT
content-encoding: br
via: 1.1 google
server: bws/1.0
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
74 KB 360ms
124ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MT6DHL8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f8f35d55cbdd774face07a45ddd6c81038550e860d3d6ce6d2f22b7c89bc2012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75605
x-xss-protection: 0
last-modified: Thu, 02 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 10:11:54 GMT

GET
H2 200 LJA84-589LU-SVNVV-WKPLQ-NBTC7 Show response
s.go-mpulse.net/boomerang/ 159 KB
40 KB 349ms
115ms Script
application/javascript 2.23.196.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.196.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-196-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Thu, 25 Apr 2024 09:33:54 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 41190

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 104 KB
20 KB 137ms
136ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fe64dd95a740fb72121daa90d115d03cb474c54420febb42dbab4b9f31d62e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dlfeMVmMDxyWupPfFyHan4P3S1we.Lzw
content-encoding: br
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:10:26 GMT
last-modified: Wed, 01 May 2024 00:07:43 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 100
x-amz-server-side-encryption: AES256
etag: W/"374bfdce9788da6113251f2ec5030b52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: uOOUnV74HdLIP-zHQ4ttJ5dhbwBlU3M2pQtGesdom1FES6RRtJ6jvg==

GET
H2 200 xdr-product-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 12 KB
0 0ms
0ms Image
image/webp 23.223.17.167
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.17.167 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-17-167.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 99c5c8d1040d32b66101e0927cb5c7c5bad06cc808fd6a4da553cb016d067563

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
-x-adobe-assetlist: [trendmicro/xdr-product-console-shot]
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
-x-adobe-smart-imaging: 0
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "43fed6cdf7b9dd8837ae00c4a12658b9"
akamai-grn: 0.a7962a17.1714644714.4f2d571c
x-adobe-assetlist: QlpoOTFBWSZTWSzIeOkAAAITgAACgAoOZ95AIAAxTJiZBkYUGTQMGpD6ZCPsuEfgkoW50OJVGIEuNhB8XckU4UJAsyHjpA==
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 12440
expires: Thu, 02 May 2024 19:55:27 GMT

GET
H2 200 OpenSans.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/OpenSans/ 58 KB
58 KB 138ms
136ms Font
application/octet-stream 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/OpenSans/OpenSans.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 17:04:23 GMT
server: nginx
date: Thu, 02 May 2024 10:11:53 GMT
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1002
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713850_386904740_115909598_148_10147_61_0_255";dur=1
content-length: 59444
x-xss-protection: 1;mode=block

GET
H2 200 material-symbols-outlined.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/ 225 KB
226 KB 142ms
141ms Font
application/octet-stream 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/material-symbols-outlined.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ad514bcb3f2e982a190a5e963a29655f37824683a85f6b9ebe942ebd735e18ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.css
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 02 May 2024 10:11:53 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 17:07:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1631
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713851_386904740_115909599_242_9325_61_0_255";dur=1
x-prod-n-01: Yes
content-length: 230732
x-xss-protection: 1;mode=block

GET
H2 200 Interstate.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate/ 41 KB
41 KB 159ms
159ms Font
application/octet-stream 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate/Interstate.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5bfa00cf23b38ea03bdcf0c04fabb32c8b1fb36b62f7bdabb5071ed6676701b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 02 May 2024 10:11:53 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 17:04:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1180
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713849_386904740_115909600_90_10851_61_0_255";dur=1
x-prod-n-01: Yes
content-length: 41508
x-xss-protection: 1;mode=block

GET
H2 200 jquery.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 111 KB
0 0ms
0ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

5e22ea5c930abbc085ab76916ce30cff31ab7aefc38bcb7dc1158b3c500303d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2024 08:55:36 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713228_386904740_115908788_41_9468_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 34015
x-xss-protection: 1;mode=block

GET
H/1.1 200
OK RS-Clop-web-cover-01ReeTjIk.jpg
documents.trendmicro.com/images/TEx/articles/ 92 KB
93 KB 684ms
269ms Image
image/jpeg 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/articles/RS-Clop-web-cover-01ReeTjIk.jpg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 911e1f016949a72326ea2b2f623fd2e2e0fe9f0485eee20439aed767c2554e64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Last-Modified: Tue, 15 Feb 2022 11:04:48 GMT
Server: Microsoft-IIS/10.0
ETag: "e0aff4d85b22d81:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 94488

GET
H/1.1 200
OK 20201113015844405-223-sjbL52k.png
documents.trendmicro.com/images/TEx/icons/ 5 KB
5 KB 268ms
262ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113015844405-223-sjbL52k.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9fe07ee1f76ed22f258cf241d8e8589bef009e936197447f719d179cbab7ae93

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 13 Nov 2020 09:58:44 GMT
Server: Microsoft-IIS/10.0
ETag: "5749592a3b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5052

GET
H/1.1 200
OK 20201113020620395-807-44AcVio.png
documents.trendmicro.com/images/TEx/icons/ 10 KB
10 KB 295ms
294ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113020620395-807-44AcVio.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa688df996d472fb14d08bc17f7fe64c2b2e3ac38ae257f82cb0f4ca3fdcbe9d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 13 Nov 2020 10:06:20 GMT
Server: Microsoft-IIS/10.0
ETag: "fb995fa2a4b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10413

GET
H/1.1 200
OK 20201113015842874-867-MsbfHbA.png
documents.trendmicro.com/images/TEx/icons/ 3 KB
4 KB 274ms
272ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113015842874-867-MsbfHbA.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7be7f64dc1e7074084ee99aac559caa7790d324e8f9ca246dc7dc9e00adac98b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 13 Nov 2020 09:58:42 GMT
Server: Microsoft-IIS/10.0
ETag: "1f5dab91a3b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3429

GET
H/1.1 200
OK 20201113013620138-994-t7wdxoU.png
documents.trendmicro.com/images/TEx/icons/ 10 KB
10 KB 292ms
289ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113013620138-994-t7wdxoU.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 239fdb6730e9f234b8b39d72ee99af8a762b69ed075c7cbbaf2751dceec1a0ed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 13 Nov 2020 09:36:20 GMT
Server: Microsoft-IIS/10.0
ETag: "971e5671a0b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9810

GET
H/1.1 200
OK 20201113020606708-849-kKYgaik.png
documents.trendmicro.com/images/TEx/icons/ 7 KB
7 KB 262ms
259ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113020606708-849-kKYgaik.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3600b030ef76b6efd7cb2388789614afac27fc1f83c814a701daaa227cef44d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 13 Nov 2020 10:06:06 GMT
Server: Microsoft-IIS/10.0
ETag: "2b7379aa4b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7219

GET
H/1.1 200
OK 202011130152229-965-fo7X4P9.png
documents.trendmicro.com/images/TEx/icons/ 6 KB
7 KB 295ms
294ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/202011130152229-965-fo7X4P9.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a9c5b1a13a2f7df690eba5f5562a012c8287e104e75f3844158b759611b495a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Fri, 13 Nov 2020 09:52:22 GMT
Server: Microsoft-IIS/10.0
ETag: "d7fd2fafa2b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6531

GET
H/1.1 200
OK 20201125001604841-231-eFY5xS3.png
documents.trendmicro.com/images/TEx/icons/ 47 KB
47 KB 260ms
260ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201125001604841-231-eFY5xS3.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d82b1a9a2cc1e98aab345965c63e6cdc6d5782d5ab2ddccc99edb4fa28058202

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Last-Modified: Wed, 25 Nov 2020 08:16:04 GMT
Server: Microsoft-IIS/10.0
ETag: "968429383c3d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 47992

GET
H/1.1 200
OK 20201113014002-752-StBo3Eg.png
documents.trendmicro.com/images/TEx/icons/ 5 KB
5 KB 269ms
269ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113014002-752-StBo3Eg.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 165e3a9b29dd3c7cfc6eb330ace9284d6f8a4de52f34b78e4d84f6faa28206a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:56 GMT
Last-Modified: Fri, 13 Nov 2020 09:40:02 GMT
Server: Microsoft-IIS/10.0
ETag: "5b9b93f5a0b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4958

GET
H/1.1 200
OK 20201113020612458-795-uVriV2R.png
documents.trendmicro.com/images/TEx/icons/ 3 KB
3 KB 265ms
265ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113020612458-795-uVriV2R.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2a4e748b01ca6bb2a1bc3e344a815e2b1a3e7f9a7de1be6ff0959f0e83f45d05

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:56 GMT
Last-Modified: Fri, 13 Nov 2020 10:06:12 GMT
Server: Microsoft-IIS/10.0
ETag: "6b6ba49da4b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3176

GET
H/1.1 200
OK 20201113014001625-842-Qm8VLCY.png
documents.trendmicro.com/images/TEx/icons/ 7 KB
7 KB 299ms
298ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113014001625-842-Qm8VLCY.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c2b094f33d25173f475f41a0526bbcb2acebf727a5239decda05553375d2920a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:56 GMT
Last-Modified: Fri, 13 Nov 2020 09:40:01 GMT
Server: Microsoft-IIS/10.0
ETag: "bb625af5a0b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7381

GET
H/1.1 200
OK 20201113021244244-629-2PxiwaM.png
documents.trendmicro.com/images/TEx/icons/ 10 KB
10 KB 298ms
298ms Image
image/png 150.70.178.131
AS2-TRENDMICRO-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://documents.trendmicro.com/images/TEx/icons/20201113021244244-629-2PxiwaM.png
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS: sjc1-te-ftp.trendmicro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cd934d18b2a48ed04d6fe7f97745ab75bcf32cacfcef4c2b6bd21c8b624542d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:56 GMT
Last-Modified: Fri, 13 Nov 2020 10:12:44 GMT
Server: Microsoft-IIS/10.0
ETag: "63422a87a5b9d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10127

GET
H2 200 Interstate-ExtraLight.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-ExtraLight/ 23 KB
24 KB 133ms
132ms Font
application/octet-stream 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-ExtraLight/Interstate-ExtraLight.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f3deafdceca8489bc6713e7ff9c3869c17177783edf1b56a39c20fc301dbfaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 02 May 2024 10:11:54 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 17:04:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=767
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644714130_386904740_115910019_32_11255_57_0_255";dur=1
x-prod-n-01: Yes
content-length: 23728
x-xss-protection: 1;mode=block

GET
H2 200 Interstate-Light.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-Light/ 54 KB
55 KB 143ms
141ms Font
application/octet-stream 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-Light/Interstate-Light.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fa308959966462d3ef5890122526efbfe12e868a30803cfaec0d4786d9ff54a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 17:04:23 GMT
server: nginx
date: Thu, 02 May 2024 10:11:54 GMT
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1047
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644714146_386904740_115910035_189_11295_57_0_255";dur=1
content-length: 55608
x-xss-protection: 1;mode=block

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hEk5a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ 15 KB
15 KB 464ms
221ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hEk5a1PiLA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b592cbd3146f76d70e35b1cb5807a0df441c83c29a5bc70d7b68c4269cc8444d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 19:23:38 GMT
x-content-type-options: nosniff
age: 398896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:53:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 19:23:38 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 480ms
237ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 473158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:45:56 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 356ms
113ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 06:00:56 GMT
x-content-type-options: nosniff
age: 447058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 06:00:56 GMT

GET
H2 200 utils.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 10 KB
0 0ms
0ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Apr 2024 07:54:08 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713238_386904740_115908789_1002_12297_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 3224
x-xss-protection: 1;mode=block

GET
H2 200 granite.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/ 4 KB
0 0ms
0ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2024 13:08:02 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713228_386904740_115908790_44_9399_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 1422
x-xss-protection: 1;mode=block

GET
H2 200 clientLibs.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/ 840 B
0 0ms
0ms Script
application/javascript 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/clientLibs.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

898241655767777d954a01288720b8487c6bfcaf831a0243b1e19a5cc67906a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2024 04:02:32 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644713820_386904740_115909548_34_12089_61_0_182";dur=1
x-prod-n-01: Yes
content-length: 304
x-xss-protection: 1;mode=block

GET
H2 200 twitter-X-logo-01ITqorvT.svg
documents.vicone.com/images/icons/ 502 B
0 0ms
0ms Image
image/svg+xml 143.204.98.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://documents.vicone.com/images/icons/twitter-X-logo-01ITqorvT.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-120.fra50.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

36dddcbd8045ce061726b0f8194e1a582de23d473ed771928caeb0ec85ecb93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 06:25:48 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
age: 13701
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 502
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Sep 2023 05:42:07 GMT
server: Microsoft-IIS/10.0
etag: "90747de3be5d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: QJyA_K8qToWc32za2ddCr5P3l6CLonXjFvy_zs4FKE7o5gs9Njgp5A==

GET
H2 200 utag.18.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 2 KB
1 KB 116ms
115ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.18.js?utv=ut4.49.201510262117
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9394d313280f38b966bdd12a469cc87306ad6c522b72c8e1fba3ce11ef56bb44

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DE41yZhIGBYaLAWba.zhXy2RYMrf5gc_
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:07:53 GMT
last-modified: Wed, 01 May 2024 00:07:38 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"34320140afbddf345a7e8fef80b39f74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 8lUMx4uQfgiduBB61lw8SRsJvNa4yGcQku8aRAEeTi4nWIDdeJadsQ==

GET
H2 200 utag.22.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 2 KB
2 KB 158ms
158ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.22.js?utv=ut4.49.201510262117
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c9a7c2f83b40533024d7988adf472a7288741a658bd614870ae962a54d1f41d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: jgR2VXvmAD1QVKykCyMW2pFhFEpuyC_g
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Wed, 01 May 2024 00:07:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 3
x-amz-server-side-encryption: AES256
etag: W/"b10e4761df43ba8705cf0e0cacf10dc9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hf9SQ_MObfzY_3gYAqa0AHb82eaAP-owfqfgykNQj-MZJQFSpPAgcw==

GET
H2 200 utag.81.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 26 KB
7 KB 124ms
123ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.81.js?utv=ut4.49.202311172229
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e605b5e5b7c9854fa3acbec0326de0fbda080b24b1e473e4d9201c006213dd64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: E.Uab2wgVZN8xGOXrAi6dqMy_i_wSR7k
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:09:09 GMT
last-modified: Wed, 01 May 2024 00:07:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 178
x-amz-server-side-encryption: AES256
etag: W/"071acabd0e1f902e05ecb5b0ef12c6b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: fsbAJqf6izpUN9ADYGo4BbZqJTJRXuyd-CnI9pFxs0LDNMy8a3w93g==

GET
H2 200 utag.43.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 2 KB
1 KB 126ms
125ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.43.js?utv=ut4.49.201510262117
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfa89fa8541c3a5419ef9c9cfd661ecf2a33acbefafee5178751d9b22a6f106e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: T6mnkEAS7cQFvbsNH.K5GYifSgSuqKEW
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:07:53 GMT
last-modified: Wed, 01 May 2024 00:07:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"136442c2e12be38fdd483943990056e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: AJYTrP9CmVVLNNtgB5oU0H8Q2kkjkR5P7G-AHin3ZhfAIgdqkICxMQ==

GET
H2 200 utag.75.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 3 KB
2 KB 126ms
125ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.75.js?utv=ut4.49.201608171750
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3dd910d834f9e8f313fd0a9dbadcf96301f942d2a046907111138a8ce87d6753

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: bQAMMT02cBsKlbhqV.MMFg0JoXM2DxN3
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:07:53 GMT
last-modified: Wed, 01 May 2024 00:07:43 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"186967273472720000b02863c1520516"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: DklOFzKmzh5u7VGsMCPnTilbuxtGx8W3u4qQTRoGugrdBM7ASTljoQ==

GET
H2 200 utag.89.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 730 B
1 KB 126ms
125ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.89.js?utv=ut4.49.201705092005
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0eb1bcddd439c22603c63c97fbc82f70586068a13b31505872d0a94073ad34c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WgZTiXZp0N85sSkgG7VHOyRm6fDqOVpp
date: Thu, 02 May 2024 10:07:53 GMT
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 730
last-modified: Wed, 01 May 2024 00:07:36 GMT
server: AmazonS3
etag: "7e1bf331f9dda10efd342340042fd61c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: pU11kXIYVXuOJCjVVCQ29n4PbpTaAvy-Z8zHL_Wi_SKe4SeoYmcWzw==

GET
H2 200 utag.99.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 10 KB
3 KB 127ms
125ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.99.js?utv=ut4.49.201709111706
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78b166673ae72db9a05b2798eb5f46c45bd5611d9ebffb780508dded90bf1904

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: P9NMO.QCWKAbmsFpc553XaDHpujbIOSa
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:07:53 GMT
last-modified: Wed, 01 May 2024 00:07:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"b5582c970e959d1883bcf948747aa7b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: DOQ_Fqxtj8YUPeNxGF7Zp8Exd_9WFEqHaxRMFxPQigcws6rfOtzHfw==

GET
H2 200 utag.130.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 23 KB
6 KB 126ms
125ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.130.js?utv=ut4.49.202008201639
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09576a4031c2ebfb4c4e9b70b08ef26ffe7230c6a16eda706e02a12b28b84792

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: X.4DrrzNYgOkIBGbCQBY8infWsglrxMm
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:09:09 GMT
last-modified: Wed, 01 May 2024 00:07:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 178
x-amz-server-side-encryption: AES256
etag: W/"eda8e7fde1793e0ac2021bc732e57f27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5ubCbQMOjhlCXGk0pwGMUeAatVmEaM8tCk0fge0DkFJDDcIEmM386w==

GET
H2 200 utag.132.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 2 KB
2 KB 156ms
155ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.132.js?utv=ut4.49.202012011956
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6751ec7ce49e73c33dbd4e03356d3f7de5fa2eadcc898c384bd76f590a29d9e0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: m.oqHgi62RgPJLx7.aEdrbl5OkueQ5XM
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Wed, 01 May 2024 00:07:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 3
x-amz-server-side-encryption: AES256
etag: W/"33e8a810a58df031643b6f7b2e0d2e2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: UBzZzsgGPrtfF1jaRAcOgJiAsqHtNwe4bHO7QChv2SjoMuGo8aMqjA==

GET
H2 200 utag.134.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 4 KB
2 KB 134ms
133ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.134.js?utv=ut4.49.202307242055
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4df42d2eca12b4c135b63af085543410a6f33a973dc9b447b06fdf3163702004

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: saOF1e9HO4B4RS2eEiePy7UlwT3ANPVJ
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:07:53 GMT
last-modified: Wed, 01 May 2024 00:07:36 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"2ac2763e0c8c74f2a16c78b4b2e3f6ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: U3BO6gYEREU7Yjl9JkBf5oCODB0_eQAJEI1NJ8buWlagG3WBUd-lUw==

GET
H2 200 utag.162.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 15 KB
5 KB 181ms
178ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.162.js?utv=ut4.49.202311172229
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18dec942dcdd0d259cbb7dfab85d8990438d9d7c0e53f6e1a4c34c1beaca6022

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MmCL_dfulZUaHuzhbvx6FYcB9pMEudVE
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Wed, 01 May 2024 00:07:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 3
x-amz-server-side-encryption: AES256
etag: W/"cbdbd64fc74946d048b6dcb9c3a2b5c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: QwBFSPURPy90yWFaLovnSAOLZzHbTeXihVnxz7KQCYjtrTft9-_2ew==

GET
H2 200 utag.163.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 2 KB
1 KB 175ms
173ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.163.js?utv=ut4.49.202307101900
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1238779b27a319a6dac5a54af8995be196e456de87dac40a5556d80853fbb761

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8Bd7rvpo37Z83qmhb6tanT0x0o1DKFD6
content-encoding: br
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:09:27 GMT
last-modified: Wed, 01 May 2024 00:07:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 148
x-amz-server-side-encryption: AES256
etag: W/"091e973b590b58eb162a4cd0efbe000b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hW8sSdLUOS49TCtEN_-zQoBYc9FiZC9UJjrb6k1eQr2NKDtTWH93jA==

GET
H2 200 utag.166.js Show response
tags.tiqcdn.com/utag/trendmicro/apaccms/prod/ 4 KB
2 KB 165ms
163ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.166.js?utv=ut4.49.202403051652
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82fbdd40d389186cc9d722802e13a36e75fa2fc4f548b9595a35ca43e2e630a2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: sXLNSA6vNjoLS_A1SDNCMSRL.lyGeTjc
content-encoding: gzip
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 10:07:53 GMT
last-modified: Wed, 01 May 2024 00:07:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"da8d60705b335a27c6a261ff9b34bd76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: axscJZStpW32n4IV4iPbCm85vg9h0ZRDRNbSRyqbffi2_aTbLQwbAg==

GET
H2 200 fontawesome-webfont.woff2
www.trendmicro.com/vinfo/sg/fonts/ 75 KB
76 KB 318ms
318ms Font
application/x-font-woff2 2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/vinfo/sg/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/vinfo/sg/css/font-awesome.min.css
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:54 GMT
last-modified: Thu, 22 Dec 2016 07:50:34 GMT
server: nginx
etag: "0c15513285cd21:0"
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff2
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=18, origin; dur=167, ak_p; desc="1714644714312_386904740_115910271_18706_13605_57_0_255";dur=1
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1;mode=block

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 801ms
262ms Script
application/x-javascript 23.49.133.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.133.210 Vancouver, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-49-133-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 190ms
190ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 09:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1851
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 May 2024 11:41:03 GMT

GET
H2 200 insight.min.js Show response
sjs.bizographics.com/ 48 KB
17 KB 695ms
216ms Script
application/javascript 23.223.17.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sjs.bizographics.com/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.43.js?utv=ut4.49.201510262117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.17.209 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-17-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2024 10:06:07 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=68842
accept-ranges: bytes
content-length: 17038

GET
H2 200 revenuepulse-lib-v3.js Show response
resources.trendmicro.com/rs/945-CXD-062/images/ 2 KB
1 KB 270ms
145ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.trendmicro.com/rs/945-CXD-062/images/revenuepulse-lib-v3.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8366292b6413e815888abbc34c7800df0b1d8101bff22e1f3ca1f34170a73b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Apr 2024 01:53:48 GMT
server: cloudflare
etag: "4e03b2-6f3-6170a4a8c749a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 87d73ad998d7e3cf-TLV
content-length: 695
expires: Thu, 02 May 2024 10:12:54 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 432ms
107ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.99.js?utv=ut4.49.201709111706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-etou8220132-FRA

GET
H2 200 6si.min.js Show response
j.6sc.co/ 65 KB
18 KB 359ms
114ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

95ef911fcf12dfe0a1fb5b17a3b24fa81c6b07b102b435949b06e7e124de51cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Apr 2024 23:17:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "662ae46d-10585"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17942
expires: Thu, 02 May 2024 10:11:54 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 393ms
115ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 09 May 2024 10:11:54 GMT

GET
H2 200 5e1fe3df4dced1c6.min.js Show response
scripts.demandbase.com/ 77 KB
22 KB 693ms
149ms Script
application/javascript 18.245.46.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/5e1fe3df4dced1c6.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-25.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ce94ba43ce703b7b7710cc3d63aa581aeea6a30844eb015a8549c8f25105e934

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: grakrveqsvyAf5FNa2rWzCpvM0VLBR46
content-encoding: gzip
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 09:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 1267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 29 Mar 2024 23:30:53 GMT
server: AmazonS3
etag: W/"b48b1409a4f857a375ddfa16fb22713f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: j2ztca2-6owPdSu0AtXT5NRGc6lxJPKXLn-BN-juQAUpNCiuG-KJ8Q==

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 255ms
126ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25339
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e346c2841e4abbb66ee259e9540abb61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xjq7QFbi12VLG54U%2Bjg5quy%2FqZWru17BHm6PirUOYF94VC2B7wKgRRo6Tq0MWiJPYNcOnO%2BzleFhfMH2CV3E8h8WUqGEd6QTErTt6AGLBVlmKbsyuCHSr1v00lL3d2%2BHGJuSTSjs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 87d73adc0d179217-FRA

GET
H2 200 equally-widget.min.js Show response
widget.equally.ai/ 938 KB
258 KB 383ms
139ms Script
application/javascript 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/equally-widget.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.163.js?utv=ut4.49.202307101900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aa2b9523f8e317ac926848006540a6f0491f3688468d7aa564b3e0d35f3a3845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 09:36:11 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 7678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"50af0654b844f1095eeb95e69f91289a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: Bo6b6gfpOHwnF45vo6Q4_KRwBkh6OcwKxVg8JSfYt4slb7Vyk8pvOQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
96 KB 131ms
129ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-26GX0VHJ0F

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

904a93f9ae361898613e763ca338a3ea0c4890c5c96417145e6716725b342319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 10:11:55 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 123ms
114ms Script
application/javascript 18.65.39.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=trendmicro/apaccms/202405010006&cb=1714644714399
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-117.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 02 May 2024 10:02:02 GMT
via: 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: l_Wnj_rIK3ndRmGnNjS7EzIsOtETEYZu_ZXRLJ2lMid22vCz-Rm_Zg==

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 124ms
116ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 09:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 May 2024 10:42:28 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
811 B 121ms
118ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 09:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 May 2024 10:55:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 127ms
127ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=535177906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&dr=https%3A%2F%2Fvisit.trendmicro.com%2F&ul=he-il&de=UTF-8&dt=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIrAAAAACAAI~&jid=1512842814&gjid=34253711&cid=317975328.1714644715&tid=UA-15678759-2&_gid=1412209067.1714644715&_r=1&_slc=1&z=1817087937

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

826354627bb80d8338c31b0d8752bc3c527c36eca6b6c248c28899aa61a454c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
96 KB 132ms
131ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-26GX0VHJ0F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6DHL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ad892170dcd93b3010823845f870e0049f7ddfa54b70ec72dfd842c9f9e052fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 10:11:54 GMT

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 2 KB
1004 B 871ms
334ms XHR
application/json 184.30.152.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=LJA84-589LU-SVNVV-WKPLQ-NBTC7&d=www.trendmicro.com&t=5715482&v=1.785.70&sl=0&si=6f0bce7f-8a0d-4801-8465-ccae4bd688c4-scusbr&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Errors,Akamai,EventTiming,BFCache,LOGN&acao=&ak.ai=807181
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.152.138 Vancouver, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-152-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 15cc9439c3827f46817521e1e654d67bc2592f896250d97da785e81505a29345

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 821

GET
H2 200 adsct
t.co/i/ 43 B
375 B 811ms
307ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1b061d26-0fa1-4fa6-afdc-e3d4822840c1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=348b02fb-e9b4-4413-99fb-dfb87f469854&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuwoi&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 188
date: Thu, 02 May 2024 10:11:54 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3cc204eab79a6b23
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 675ac7f2faea3cfc07ee8ca2c4b5e1b3ba472556c5dc05ff9534c9d8a8239777
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 918ms
305ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1b061d26-0fa1-4fa6-afdc-e3d4822840c1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=348b02fb-e9b4-4413-99fb-dfb87f469854&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuwoi&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 182
date: Thu, 02 May 2024 10:11:55 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 32817715d4ce5cd1
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 7c9e7953c17ab326cb1ed93d48fd2b1de6d24300567b7e5f918c0bd4a2f0e68f
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 126ms
126ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=535177906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&dr=https%3A%2F%2Fvisit.trendmicro.com%2F&ul=he-il&de=UTF-8&dt=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIrBAAAACAMI~&jid=1327334487&gjid=197464117&cid=317975328.1714644715&tid=UA-113093487-2&_gid=1412209067.1714644715&_r=1&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&z=277034866

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 122ms
121ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=535177906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&dr=https%3A%2F%2Fvisit.trendmicro.com%2F&ul=he-il&de=UTF-8&dt=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIrBAAAACAMI~&jid=1100972322&gjid=683790192&cid=317975328.1714644715&tid=UA-113093487-6&_gid=1412209067.1714644715&_r=1&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&cd1=en_sg&z=1167107137

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 350ms
114ms XHR
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15678759-2&cid=317975328.1714644715&jid=1512842814&gjid=34253711&_gid=1412209067.1714644715&_u=IEBAAEIqAAAAACAAI~&z=1161509946

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 May 2024 10:11:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
92 KB 129ms
129ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9RTX7DD265&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f0e45adb60d1f9efffc0aaec90436ac5415c3196e8c8a9d75a1bb10233b59df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 10:11:54 GMT

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame A942 0
0 246ms
129ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.trendmicro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 27341
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 87d73add9b408ec4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 10:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSb6ceU8Km%2FQoBhHnOVawQ5nlOg7YHtAwc1zYeeACM1Vejf1hsvQsU5EgzZBYHlnxkwG7E3VnrdXIcTw%2FClwIyVWcp%2BvsfkuC8R0rRwidtcjh65vd3CqQFRL0gJVfF3Dqwl1JOvRnnEjZi6fPTkCvL%2Fd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.BRQnzO8v.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 258ms
133ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9276
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"25da5432b1057724b8210f17e9b9db05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dugEIVV1LsLzDnyVWxEqyiFA0R7FIHuJCRidT%2B2spE%2BP1k6Kkxu59PLq%2B%2FG1FQWyMwhnAhx9qHD1u9T87MXoPpJajQ4tzjrJPaSWyDNPAmFKX5glFGlwotzR3Gx6ZtYpgPOW2cmxDMcX1NewN%2BBUWbaZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 87d73addade6925f-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 254ms
116ms XHR
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-113093487-2&cid=317975328.1714644715&jid=1327334487&gjid=197464117&_gid=1412209067.1714644715&_u=aGDACEIrBAAAACAMI~&z=26125195

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 May 2024 10:11:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-yyb3JEF9Pm8ey.js Show response
rules.quantcount.com/ 3 B
448 B 385ms
112ms Script
application/javascript 18.66.102.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-yyb3JEF9Pm8ey.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 03:32:03 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 23992
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:25:15 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: NHiy5bkYj0ubutWIGAsp6Tdtg-YCKDWkqOBtNBN3JUowmu5Yz2ZfUA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 121ms
120ms Ping
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-26GX0VHJ0F&gtm=45je44t0v870047709za200&_p=1714644713756&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dYmQxMT&cid=317975328.1714644715&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714644715&sct=1&seg=0&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&dr=https%3A%2F%2Fvisit.trendmicro.com%2F&dt=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG&en=page_view&_fv=1&_ss=1&_ee=1&ep.consumer=not_consumer&tfd=3703
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-26GX0VHJ0F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
703 B 401ms
123ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
an-x-request-uuid: b6c8af97-3bbb-438c-880e-024d4a58f379
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.187.78.119; 31.187.78.119; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
195 B 129ms
123ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.trendmicro.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
285 B 655ms
218ms XHR
text/html 23.205.255.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.255.152 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-255-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.trendmicro.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644715499_389540056_229109234_29_1218_146_218_219";dur=1
content-length: 4
expires: Thu, 02 May 2024 10:11:55 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 134ms
133ms Ping
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9RTX7DD265&gtm=45je44t0v9125550112za200&_p=1714644713756&gcd=13l3l3l3l2&npa=0&dma=0&gdid=dYmQxMT&ul=he-il&sr=1600x1200&cid=317975328.1714644715&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&dr=https%3A%2F%2Fvisit.trendmicro.com%2F&dt=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG&sid=1714644715&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4002
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9RTX7DD265&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 751 B
720 B 370ms
127ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 3bf66730127b0b457f8871712559825945586261b178ab7061a91d5e8d3f0dfa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token f0978075a275d14104571cd0b3e9919c9748869b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-6s-CustomID: WebTag1.0 810eb8f4ed8abcee5cd1e233263d8d3f
Referer: https://www.trendmicro.com/
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 3572762043732311014
date: Thu, 02 May 2024 10:11:56 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.trendmicro.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 398

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 374ms
127ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.trendmicro.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Thu, 02 May 2024 10:11:55 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 64974911098346273

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 206ms
199ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&v=1.1.18

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:11:55 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 207ms
201ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22f0978075a275d14104571cd0b3e9919c9748869b%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22810eb8f4ed8abcee5cd1e233263d8d3f%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&v=1.1.18

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:11:55 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 264ms
263ms Script
application/x-javascript 23.49.133.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.133.210 Vancouver, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-49-133-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 10 Aug 2024 10:11:55 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3F...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D46043%26time%3D1714644715471%26url%3Dhttps%253A%252F%252Fwww.trendmicro.com%252Fv...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3F...

0
163 B

279ms
279ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&cookiesTest=true&liSync=true
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 02 May 2024 10:11:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: ACF9A3FA290C436EA4ECFD24F22C6EE7 Ref B: TLV30EDGE0520 Ref C: 2024-05-02T10:11:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXddVAs4i9D36/399nQg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:55 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYXddU8Z6PNYGU7zEUI+A==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 06497865FB8E4F978B0D61C0519759B0 Ref B: TLV30EDGE0520 Ref C: 2024-05-02T10:11:56Z
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46043&time=1714644715471&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
568 B 372ms
204ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.trendmicro.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BA194A69164B4EAF8B0D1328C3659C32 Ref B: TLV30EDGE0520 Ref C: 2024-05-02T10:11:55Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.trendmicro.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYXddUyz2PmINx049JInQ==

GET
H2 200 sync
s.company-target.com/s/ Frame 768E 0
0 1380ms
197ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.trendmicro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 10:11:56 GMT
via: 1.1 google

GET 464526.gif
id.rlcdn.com/ 0
0

GET
H2 200 pixel;r=465390628;rf=0;a=p-yyb3JEF9Pm8ey;url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE6...
pixel.quantserve.com/ 35 B
372 B 128ms
116ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=465390628;rf=0;a=p-yyb3JEF9Pm8ey;url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy;ref=https%3A%2F%2Fvisit.trendmicro.com%2F;uht=2;fpan=1;fpa=P0-1492390655-1714644715000;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=trendmicro.com;dst=1;et=1714644715614;tzo=-180;ogl=image.https%3A%2F%2Fdocuments%252Etrendmicro%252Ecom%2Fimages%2FTEx%2Farticles%2FRS-Clop-article-thumb0ZLv4Q;ses=bcf8ed4c-f919-4a34-81fe-b9773239b004;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 401 ip.json Show response
api.company-target.com/api/v3/ 12 B
513 B 410ms
157ms XHR
text/plain 18.66.102.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?referrer=https%3A%2F%2Fvisit.trendmicro.com%2F&page=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&page_title=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-75.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Error from cloudfront
request-id: 3b8381db-eaf9-4be4-8cad-7eb86f6f88cf
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: q3Nu54nozwQ0pCbFD_t-s2C79IRBPFnGMh0GICQsiWBegw0nBjPiwQ==

POST
H2 401 ip.json Show response
api.company-target.com/api/v3/ 12 B
514 B 433ms
182ms XHR
text/plain 18.66.102.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-75.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 May 2024 10:11:55 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Error from cloudfront
request-id: 9c359451-ee14-49dc-8707-2817351e05e9
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: djFxO1cRGLNyAqQrd8K6kVxccTynE5ZNOQvkZ3VOKrKXjUfjuOrG2g==

POST
H/1.1 200
OK visitWebPage
945-cxd-062.mktoresp.com/webevents/ 2 B
318 B 1062ms
192ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://945-cxd-062.mktoresp.com/webevents/visitWebPage?_mchNc=1714644715796&_mchCn=&_mchId=945-CXD-062&_mchTk=_mch-trendmicro.com-1714644715790-67906&mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&_mchHo=www.trendmicro.com&_mchPo=&_mchRu=%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fvisit.trendmicro.com%2F&_mchQp=mkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 10:11:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 517eaea9-8b99-470b-b743-264547f662ef

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 206ms
203ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A55%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&an_uid=0&v=1.1.18

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:56 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:11:56 GMT

OPTIONS
H2 204 config
api.equally.ai/api/v1/widget/ Frame 0
0 862ms
200ms Preflight 18.209.252.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=1074e8b4274fc82b23af164defdb74f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.209.252.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-252-156.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-referer
Access-Control-Request-Method: GET
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: XI0FLgifIAMEcLg=
date: Thu, 02 May 2024 10:11:57 GMT
server: nginx

GET
H2 200 config Show response
api.equally.ai/api/v1/widget/ 36 KB
36 KB 224ms
222ms XHR
application/json 18.209.252.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=1074e8b4274fc82b23af164defdb74f2
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.209.252.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-252-156.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3cd077a472169d94c46ff7fd76053a8440247f820d23fd9606629b60066c0062

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
X-Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 02 May 2024 10:11:57 GMT
server: nginx
content-length: 36941
apigw-requestid: XI0FNiY8IAMEJEg=
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 213ms
203ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A56%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222009%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&an_uid=0&v=1.1.18

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:57 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:11:57 GMT

OPTIONS
H2 204 config
api.equally.ai/api/v1/widget/ Frame 0
0 200ms
199ms Preflight 18.209.252.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=1074e8b4274fc82b23af164defdb74f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.209.252.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-252-156.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-referer
Access-Control-Request-Method: POST
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: XI0FRiP_oAMEcqw=
date: Thu, 02 May 2024 10:11:58 GMT
server: nginx

GET
H2 200 OpenDyslexic-Regular.woff
widget.equally.ai/fonts/ 16 KB
17 KB 568ms
133ms Font
font/woff 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/fonts/OpenDyslexic-Regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2282dbd646a0e093b6315a3692cb2ab6c9bca68d46c01f7c6fba2f1ae924a953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Origin: https://www.trendmicro.com
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 09:36:41 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 11447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16636
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "7312cd3f9b4e0804d9051e37e97579bf"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-amz-cf-id: xSeiPG36o3z16XD9ju-Zo9uNYE4fm1kjNxjqkCzDSGALjDEbtwIWdQ==

POST
H2 200 config Show response
api.equally.ai/api/v1/widget/ 27 B
158 B 232ms
231ms XHR
application/json 18.209.252.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=1074e8b4274fc82b23af164defdb74f2
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.209.252.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-252-156.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 16270c15435abfbd1e22c9a06378d29d8823f68d61216d61422d1b0b0643e776

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.trendmicro.com/
X-Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 02 May 2024 10:11:58 GMT
server: nginx
content-length: 27
apigw-requestid: XI0FTh9eoAMEcmA=
content-type: application/json

GET
H2 200 en.json Show response
widget.equally.ai/locales/ 10 KB
4 KB 643ms
171ms Fetch
application/json 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/locales/en.json

Requested by

Host: widget.equally.ai
URL: https://widget.equally.ai/equally-widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3d804706c6ccb7955d146f5b9a86c200ee5788031e0c8601a0d758da2ce6e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 09:36:41 GMT
content-encoding: gzip
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 11447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"c8654951b307d59acadb3324470b6d22"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options: SAMEORIGIN
x-amz-cf-id: sz9W-UvKNRnf96_lczLTxhzGcuQDgKlNz7HjUE50z4O2snoxsdE5Cw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 200ms
199ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A57%20GMT%22%2C%22timeSpent%22%3A%221164%22%2C%22totalTimeSpent%22%3A%223173%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&an_uid=0&v=1.1.18

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:58 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:11:58 GMT

GET
H2 200 equallyai-widget.css
widget.equally.ai/ Frame 0EA7 32 KB
7 KB 114ms
113ms Stylesheet
text/css 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/equallyai-widget.css

Requested by

Host: widget.equally.ai
URL: https://widget.equally.ai/equally-widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

652efd827c7d4bdbc5062da31da261ea6aff861b1735ab640eb5aea11e52deda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 05:49:40 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 15740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"f36e46b286460d4bdf52555bcf3c77fc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-amz-cf-id: QuvHsL1ZwdQEdWPomOI2RNMEefi4XJtXCt41rmdgkY4zP8BrW9-hOw==

GET
H2 200 en.svg
widget.equally.ai/flags/ Frame 0EA7 1 KB
972 B 119ms
108ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a8f57ae36e7533f330d488d78955b84759053d8890dbc12a940f5f16c0169c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"ebf36f856cee41bb0004b1be873bc62f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: aYCtdAwRT_bRKrJdB3shQks-J2SyDEUQVpR_qQd-HZ7bRGIKBYTmiA==

GET
H2 200 es.svg
widget.equally.ai/flags/ Frame 0EA7 148 KB
36 KB 122ms
112ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/es.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"ce15a45bbe7193fd267a2b79f695f851"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: k-lY_c-aIa5noHRpnVDr4qzv6sr3497SYRU-A-dBfxUNYbjMuu4M2Q==

GET
H2 200 de.svg
widget.equally.ai/flags/ Frame 0EA7 411 B
926 B 126ms
115ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 04:32:55 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 20345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 411
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "53d375e4d05c0f07c61381c149666a95"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: M_8DzjFJ115bN--BMB62J-Yb0gTdbQDeTYPt3dNgwRwHQOjsEX53uA==

GET
H2 200 pt.svg
widget.equally.ai/flags/ Frame 0EA7 11 KB
6 KB 127ms
117ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/pt.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 05:44:57 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 16023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"3db75d5500aac310ba9be72fe78c09a0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: 0E8fhJlJz5TOOVmzuAT-ck82T1DRDh9QcL1EaivobomFDgNYqCvKfg==

GET
H2 200 fr.svg
widget.equally.ai/flags/ Frame 0EA7 468 B
984 B 127ms
117ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 468
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "aba229ec8b9399af14875fba8715b4e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: vUtkVxL-St6hx3-7XuM7pXaaj8aZ5XL-hnJJsfR9j_WPB5uqPyj8AQ==

GET
H2 200 it.svg
widget.equally.ai/flags/ Frame 0EA7 202 B
698 B 127ms
117ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/it.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 06:31:16 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 13244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 202
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "4f6374bbba141514028cfee25e6b8b50"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: hYH0ltOqfeaUJx3NSePZdVptYxpPniTV1POW_0uNykCOCK-k6HE7LA==

GET
H2 200 ru.svg
widget.equally.ai/flags/ Frame 0EA7 232 B
747 B 127ms
118ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ru.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 05:52:14 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 15586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 232
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "8c35008bdd453eb7092e5589433ee345"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: eshNgnCsD08OOjqsyyWEqPLP_hgz4T_3ZhTjn_6eUfcJxVlMFgAhpA==

GET
H2 200 nl.svg
widget.equally.ai/flags/ Frame 0EA7 175 B
689 B 128ms
118ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 175
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "5f6ef944bbde5608a5cfd566abc3a61a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: pbZc4GPX-rUt44E8JMJpTfX86HtESsKRsmdRRALfgi_bP5CiautkPA==

GET
H2 200 pl.svg
widget.equally.ai/flags/ Frame 0EA7 142 B
656 B 128ms
118ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/pl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:48:35 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 26605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "e2afe0f6676f52f2142f71e9b3570e81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: Qjwjt0PtYwxzLbFiV4rxMWWxLx7aiAu28PeXofXR33yddq8RGdpZQA==

GET
H2 200 bg.svg
widget.equally.ai/flags/ Frame 0EA7 294 B
808 B 128ms
119ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/bg.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 05:57:46 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 15254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 294
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "d35abad4c97cd9e2b3cc342cb745d11d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 5t19fFgm_pGA2flS5BjeRbn_-AR2yZZjvDRjg2L3bdjB3ixVE6otvg==

GET
H2 200 he.svg
widget.equally.ai/flags/ Frame 0EA7 856 B
1 KB 178ms
169ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/he.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 856
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "39aa6f7e5890377271d5434c4f76386b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: NR_6NY3WK-uttDDQpVWd9abBBqbxnCpeucim1INvtQfLZR8afkQzsg==

GET
H2 200 cz.svg
widget.equally.ai/flags/ Frame 0EA7 212 B
726 B 178ms
169ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/cz.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 04:00:07 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 22313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 212
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "047e732decd62b9d3ce350a2cd8f4de6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: N5mxcQH789ux7iwySEd6oHqWkGeguaq76zHOvAtOkux8fJsRENblPA==

GET
H2 200 dk.svg
widget.equally.ai/flags/ Frame 0EA7 222 B
727 B 184ms
175ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/dk.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 06:26:28 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 20117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 222
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "c0cd63470ccdd66eb1b70437c4897d2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: V61dKtqFVSDg0qjolMeZiC31UaZHP5ojsoqOhVM_yXlICgUs_hYb5Q==

GET
H2 200 fi.svg
widget.equally.ai/flags/ Frame 0EA7 233 B
748 B 179ms
170ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/fi.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 04:32:55 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 20345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 233
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "079f4bcbd1f4a3a2ac55d1071961eaa4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: srgcVVh9L-PwiDhSv_FxX6kkk3SM8wzVCcyjkDEtLUIsZ2y-WIHcOw==

GET
H2 200 se.svg
widget.equally.ai/flags/ Frame 0EA7 216 B
729 B 178ms
170ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/se.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 216
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "1f642770ccba1a8f5948ac69923c15ba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: Omn2mOS831Ou2y9eGuo-wWF4QzpIcHpe2uRrlw3x3E243ZUUvuiu6w==

GET
H2 200 lt.svg
widget.equally.ai/flags/ Frame 0EA7 178 B
694 B 179ms
170ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/lt.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 05:44:57 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 16023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 178
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "60ce52ef375f0a7bf84149719ad6a8e2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 8mdVUKUDTLrE3r8SLJ77mLvJHFR-bC4pM8D9F7jsCH6LY5WyPILVuw==

GET
H2 200 ro.svg
widget.equally.ai/flags/ Frame 0EA7 178 B
692 B 178ms
171ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ro.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:41:42 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 30618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 178
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "a9e8cdfefb0cb78dfe786276f500656a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: Sf4iQ0WtTrStNbWjGvu_IKn3Hl9wp8HFdWMYHuLCht32gCM0lQs40A==

GET
H2 200 gr.svg
widget.equally.ai/flags/ Frame 0EA7 206 B
722 B 178ms
171ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/gr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:48:35 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 26605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 206
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "abd7d677957e863655f6bc059dbaebfb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 2aMa2w6ufjc9CKRYUcAFG_vF577zn_498ySdGUEZGXTJjGReQaNjRQ==

GET
H2 200 hr.svg
widget.equally.ai/flags/ Frame 0EA7 66 KB
29 KB 182ms
175ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/hr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 06:26:28 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 26605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"f4e06f4da88eab5e630a6263b8f5ebdf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: zU6nL-Ss8P0xR46ghKHVVDvoIRRyKQC23Rf9_EqdYEOZEZkfc2LBrw==

GET
H2 200 lv.svg
widget.equally.ai/flags/ Frame 0EA7 138 B
633 B 178ms
171ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/lv.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 04:57:50 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 138
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "12cebcfb5d166f7cd2b6a3fb48c0924d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 05le4gG7t2JMXjj80OmBRLrpjCP8ljRQWu0UilFXts78hnfjecLqKA==

GET
H2 200 sl.svg
widget.equally.ai/flags/ Frame 0EA7 2 KB
1 KB 179ms
172ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/sl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aa4fda18694f1e60c937933eebd752cc3ed0701652f0dfca84677c3267b26db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"9b4bb3b189e8285e10fc2637df225958"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: b6K0Bhk76HyD6D0Uin-YGSKgdMz2VozI-0YXMbhffusdlF4tnKXqxg==

GET
H2 200 mt.svg
widget.equally.ai/flags/ Frame 0EA7 15 KB
8 KB 179ms
172ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/mt.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a5c2eee915ed72695afcc7898018bf57c41e62c9b7b964e8de8bbbec9e895d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"66e76e37d320e1ef728362a420f7eb3e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: C2whNuUdFUMLWEdBvt5dRlm8CT-tBX-iLXSj1ApwAtP2i3dVn236Tg==

GET
H2 200 sk.svg
widget.equally.ai/flags/ Frame 0EA7 1 KB
1 KB 179ms
173ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/sk.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

645f75dbf15f9931d4c25509f2d3b55e8be7d97209957535382ecfd96658d7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 1929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"45bde9f51532f5f7cc44fa912e57fa26"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: w6-AJZX0Kr4wo5TUsd8JfAuV5o1Q2aYQ6VwqcOsgZ59KoMvrR-zGDA==

GET
H2 200 ar.svg
widget.equally.ai/flags/ Frame 0EA7 28 KB
11 KB 179ms
173ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ar.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0b36326e3e5b74624ee8b5de8273ea00f7bbe9b5ba0da6250cbe7b3c637505e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 1928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"1b79db27bb882afead5050e6fa59818c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: mewdvtS8OYwOFswpEl6VCl--0GLcnlTAm1ohbJZUbuFrzwsBf5j2Gg==

GET
H2 200 ja.svg
widget.equally.ai/flags/ Frame 0EA7 209 B
723 B 179ms
173ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ja.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 18850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 209
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "a1e1ea513a3fcd801e85db4373ce8cd6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 8sxstS2pgmeC3T7S5DKcDjfLUzZVThNySMAmTJDr2G3Ua_eNmjeAxQ==

GET
H2 200 zh.svg
widget.equally.ai/flags/ Frame 0EA7 589 B
1 KB 179ms
174ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/zh.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d2992931db929f1541337b2427833930743899025888d5df0cd8359179c3a6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:04:51 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 1929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 589
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "70f58c27d22d2fc42e3ae42109a6165b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: m_I2g_coCyVVQW2DtGChq1DYzJGBqh0Ik6y8Sw1xrhdqPEeZv59zSw==

GET
H2 200 ko.svg
widget.equally.ai/flags/ Frame 0EA7 628 B
1 KB 179ms
174ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ko.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

557804ca07c2ab312bddc4c711c548563a1302a25eeebbff8dae19cbd4cc5e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 04:10:35 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 21685
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 628
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "10679d585c351917622b94494b8a0329"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 5sx3Dso8lUIyeN1Id9_a9s41aw3cL3IF0MTiHSAiCEa0D7TVPsWUIg==

GET
H2 200 sq.svg
widget.equally.ai/flags/ Frame 0EA7 8 KB
5 KB 179ms
174ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/sq.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e223abdb13c475b827e74fa29a44a98e26675402fb46513eadc875faca72305e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 03:45:41 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 23179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: W/"9ca1e7c55a76c6f0c5b34c29ed911c8f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: DKyABbUCGzWXXTGdYkPonB3KFc24W-1eaV0JSH9liADV_dXve6HmkA==

GET
H2 200 mk.svg
widget.equally.ai/flags/ Frame 0EA7 416 B
930 B 179ms
175ms Image
image/svg+xml 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/mk.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5a9c8a96b2d409c2295838d5e7c6182170f35aba3ec747dc2a818b96d8e8b23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 04:10:35 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 21685
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 416
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 15:10:25 GMT
server: AmazonS3
etag: "93c15186533262b4a99e531c484d4459"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: Txahz0w1gXfGi36tzO2yLmL5l9087VuqoK-SVEGciDeObkAJI8lJZA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 200ms
200ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A58%20GMT%22%2C%22timeSpent%22%3A%221021%22%2C%22totalTimeSpent%22%3A%224194%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&an_uid=0&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:11:59 GMT

GET
H2

200

favicon.ico
www.trendmicro.com/content/dam/trendmicro/
Redirect Chain

https://www.trendmicro.com/favicon.ico
https://www.trendmicro.com/content/dam/trendmicro/favicon.ico

3 KB
4 KB

322ms
321ms

Other
image/vnd.microsoft.icon

2.19.244.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/content/dam/trendmicro/favicon.ico

Protocol

Server

2.19.244.199 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-244-199.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3818e71293245021a4db81e76832f162d45ff7cb518be638f0cc96797f7c2361

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: gzip
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:59 GMT
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=25, origin; dur=165, ak_p; desc="1714644719578_386904740_115918077_19371_12794_57_0_219";dur=1
x-prod-n-01: Yes
content-length: 3377
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:54:43 GMT
server: nginx
etag: "d1a-61417183fa7d2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: max-age=1
accept-ranges: bytes
expires: Thu, 02 May 2024 10:12:00 GMT

Redirect headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-content-type-options: nosniff
date: Thu, 02 May 2024 10:11:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://www.trendmicro.com/content/dam/trendmicro/favicon.ico
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714644719445_386904740_115917854_64_13853_57_0_219";dur=1
content-length: 162
x-xss-protection: 1;mode=block

POST
H2 204 /
173bf10e.akstat.io/ 0
228 B 297ms
287ms Ping
image/gif 2.23.196.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://173bf10e.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.196.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-196-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:11:59 GMT
content-type: image/gif
access-control-allow-origin: https://www.trendmicro.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Thu, 02 May 2024 10:11:59 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 212ms
211ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A12%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A11%3A59%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225195%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&an_uid=0&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:12:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:12:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 206ms
206ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=65613beb-05c5-40f4-88cc-613f2e147a28&session=c31d84ae-69da-47f2-8a67-88c9efabad2c&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A12%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20May%202024%2010%3A12%3A00%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226197%22%7D&isIframe=false&m=%7B%22description%22%3A%22We%20take%20a%20closer%20look%20at%20the%20operations%20of%20Clop%2C%20a%20prolific%20ransomware%20family%20that%20has%20gained%20notoriety%20for%20its%20high-profile%20attacks.%20We%20review%20this%20ransomware%20group%E2%80%99s%20constantly%20changing%20schemes%20and%20discuss%20how%20companies%20can%20shore%20up%20defenses%20against%20this%20threat.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG%5Cn%22%7D&cb=&r=https%3A%2F%2Fvisit.trendmicro.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&pageViewId=8b8b3a51-5bd0-40f3-881d-931ec89094ed&an_uid=0&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.trendmicro.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 10:12:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 10:12:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/464526.gif

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.visit.trendmicro.com/	1970-01-20 20:17:26	Name: __cf_bm Value: o06zz.DDxBZwcPpk0DO8ysrN9vIaFHSm23hyWHRonQs-1714644711-1.0.1.1-gEE1jjVhJQNjNaWnYu.Ms0eEwFrnkNQ_sbDNlbjTOBt3j3PbHWOyBuPaJ.avgbkHFr0ELRn6vPMO5ZIEKJPsgg
www.trendmicro.com/	1969-12-31 23:59:59	Name: __AntiXsrfToken Value: 07bf944b94dc47eeadba3cc9465e4d4d
www.trendmicro.com/	1970-01-20 20:17:24	Name: NSC_MC_TKD-UFY-GUQ_IUUQ_Qvc Value: ffffffff09227a1e45525d5f4f58455e445a4a423660
.trendmicro.com/	1970-01-21 05:03:00	Name: utag_main Value: v_id:018f38ca01b7003ffb445a3441a00506f00f106700b08$_sn:1$_se:1$_ss:1$_st:1714646513912$ses_id:1714644713912%3Bexp-session$_pn:1%3Bexp-session
.trendmicro.com/	1969-12-31 23:59:59	Name: _c1Ref Value: /vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop
.resources.trendmicro.com/	1970-01-20 20:17:26	Name: __cf_bm Value: pnsLnviE2f4iD82u3yX9agah6CTIoIizu2.RGdL8YHI-1714644714-1.0.1.1-Ah76O59cRwrhrLrKp41Kf5pB4NloVe9NDo6568yurx9_s8a3uczGjNuzNwkbBGE4vmr39MveV4Qi2DDPz7nj5Q
.trendmicro.com/	1970-01-20 20:18:51	Name: _gid Value: GA1.2.1412209067.1714644715
.trendmicro.com/	1970-01-20 20:17:24	Name: _gat Value: 1
.trendmicro.com/	1969-12-31 23:59:59	Name: querystring Value: mkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy
.trendmicro.com/	1970-01-20 20:17:24	Name: _gat_tealium_0 Value: 1
.trendmicro.com/	1970-01-20 20:17:24	Name: _gat_tealium_1 Value: 1
.trendmicro.com/	1970-01-21 05:53:24	Name: _ga_26GX0VHJ0F Value: GS1.1.1714644715.1.0.1714644715.0.0.0
.trendmicro.com/	1970-01-21 05:53:24	Name: _ga Value: GA1.1.317975328.1714644715
.trendmicro.com/	1970-01-21 05:53:24	Name: _ga_9RTX7DD265 Value: GS1.2.1714644715.1.0.1714644715.0.0.0
www.trendmicro.com/	1970-01-21 05:53:24	Name: _gd_visitor Value: 65613beb-05c5-40f4-88cc-613f2e147a28
www.trendmicro.com/	1970-01-20 20:17:39	Name: _gd_session Value: c31d84ae-69da-47f2-8a67-88c9efabad2c
.adnxs.com/	1970-01-21 05:53:24	Name: receive-cookie-deprecation Value: 1
www.trendmicro.com/	1970-01-20 20:27:29	Name: _an_uid Value: 0
.t.co/	1970-01-21 05:53:24	Name: muc_ads Value: fdc4c485-91d5-4214-9cff-b9a08a3db2aa
.trendmicro.com/	1970-01-21 05:53:24	Name: _mkto_trk Value: id:945-CXD-062&token:_mch-trendmicro.com-1714644715790-67906
.quantserve.com/	1970-01-21 05:47:39	Name: mc Value: 663366eb-c44b6-d2b6b-98db9
.trendmicro.com/	1970-01-21 05:41:53	Name: __qca Value: P0-1492390655-1714644715000
.twitter.com/	1970-01-21 05:53:24	Name: personalization_id Value: "v1_KC6RAOBk/ksZnaTuY3prdQ=="
.linkedin.com/	1970-01-20 22:27:00	Name: li_sugr Value: 270dacd6-62a7-4a8e-93f4-8d3befa8f488
.linkedin.com/	1970-01-21 05:03:00	Name: bcookie Value: "v=2&465442c4-3f48-42f1-8ee8-3c334499d88b"
.linkedin.com/	1970-01-20 20:18:51	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2798:u=1:x=1:i=1714644715:t=1714731115:v=2:sig=AQHgiPGwiMVgn4xEvVyJEAVvSjQnDI3h"
.linkedin.com/	1970-01-20 21:00:36	Name: UserMatchHistory Value: AQJ51sf9C5_nogAAAY84ygo66x0wDuVlltkfMlo-IBWS-HaNuUHV3WFlp_zYtdy_UrrT4AiLZm33IA
.linkedin.com/	1970-01-20 21:00:36	Name: AnalyticsSyncHistory Value: AQJE3Spl6c7SuQAAAY84ygo6o3JoYU6Jmkns2EQHPzvXFYqiKIWvCvRAHa-I6ZSufDMLDJqN-p34FaNgE2lkIg
.www.linkedin.com/	1970-01-21 05:03:00	Name: bscookie Value: "v=1&202405021011569f417ec4-cd84-49a1-863e-3807f684b061AQF_YHRSMuh7r69cLJL9NOyhwds8AZ28"
.company-target.com/	1970-01-21 05:53:24	Name: tuuid Value: 8408de4d-39a6-417e-9769-542a9c5f8615
.company-target.com/	1970-01-21 05:53:24	Name: tuuid_lu Value: 1714644716\|ix:0\|mctv:0\|rp:0
.rubiconproject.com/	1970-01-21 05:03:00	Name: khaos Value: LVP36ZB5-K-5OIK
.rubiconproject.com/	1970-01-21 05:03:00	Name: audit Value: 1\|I4R7y0vAOYAu56ghu+q3kOwLuFAJ1EApY6jbg+1NShyUHKCefwHvs/7y/JxhVINag3pmjJQsGBJw0S94mtzOHwmugVMwSc1VTU0tEQFlDDJio8U7THUIEpO30DxfJ//+zuZwxHDc5PdUTtdDsDnRh4So/CV2hfoU0r1UU9Ix4w1JSUn9Ni8QcA==
.rubiconproject.com/	1970-01-20 22:27:00	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 05:03:00	Name: CMID Value: ZjNm7YsFVawAADllAZ7rQwAA
.casalemedia.com/	1970-01-20 22:27:00	Name: CMPS Value: 4852
.casalemedia.com/	1970-01-20 22:27:00	Name: CMPRO Value: 4852
.tremorhub.com/	1970-01-21 05:03:21	Name: tvid Value: 735d07388037452bbefe2a2ad31bd30c
.tremorhub.com/	1970-01-21 05:53:24	Name: tv_UIDM Value: 8408de4d-39a6-417e-9769-542a9c5f8615
.www.trendmicro.com/	1970-01-20 20:27:29	Name: RT Value: "z=1&dm=www.trendmicro.com&si=dd9e9334-32df-44b9-883d-b3d139bae06e&ss=lvp36up1&sl=1&tt=61q&bcn=%2F%2F173bf10e.akstat.io%2F&ld=61u"
www.trendmicro.com/	1970-01-20 20:17:24	Name: NSC_MC_dxu-bfn-xfc_XBG-IUUQ Value: ffffffff09224f4345525d5f4f58455e445a4a423660

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.trendmicro.com/libs/granite/csrf/token.json Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.company-target.com/api/v3/ip.json?referrer=https%3A%2F%2Fvisit.trendmicro.com%2F&page=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&page_title=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.company-target.com/api/v3/ip.json?referrer=https%3A%2F%2Fvisit.trendmicro.com%2F&page=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fsg%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-clop%3Fmkt_tok%3DOTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy&page_title=Ransomware%20Spotlight%3A%20Clop%20-%20Security%20News%20-%20Trend%20Micro%20SG Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/vinfo/sg/security/news/ransomware-spotlight/ransomware-spotlight-clop?mkt_tok=OTQ1LUNYRC0wNjIAAAGS17eE64Tejm_IH6qmySNyHTzyhpwtciRunjFVLlaomTLtmUlZkdCHrwf67WmHk4w4CMHlv6yuguZ3TsvYeaR904fFE1FEXrQiQ0Is_PTJ633fNZeXPqsy Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-Fiz8sLIvfDQc5nPuaF95xJjMdtjRG9fLBOkHZsmSZ0k=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bf10e.akstat.io
945-cxd-062.mktoresp.com
ajax.googleapis.com
analytics.twitter.com
api.company-target.com
api.equally.ai
b.6sc.co
c.6sc.co
c.go-mpulse.net
cdn.bc0a.com
cdn.datatables.net
customer.cludo.com
documents.trendmicro.com
documents.vicone.com
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
id.rlcdn.com
ipv6.6sc.co
ixfd2-api.bc0a.com
j.6sc.co
munchkin.marketo.net
pixel.quantserve.com
px.ads.linkedin.com
resources.trendmicro.com
rules.quantcount.com
s.company-target.com
s.go-mpulse.net
scripts.demandbase.com
secure.adnxs.com
secure.quantserve.com
sjs.bizographics.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
trendmicro.scene7.com
visit.trendmicro.com
widget.equally.ai
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.trendmicro.com
id.rlcdn.com
104.17.72.206
104.17.74.206
104.22.28.96
104.244.42.5
104.244.42.67
108.177.15.156
13.107.42.14
13.248.142.121
142.250.181.234
142.250.185.110
142.250.185.131
142.250.185.234
143.204.98.120
146.75.120.157
150.70.178.131
172.67.39.148
172.67.75.33
18.209.252.156
18.245.46.25
18.65.39.117
18.66.102.15
18.66.102.75
184.30.152.138
192.28.144.124
2.19.244.199
2.23.196.132
216.58.206.72
23.205.255.152
23.223.17.167
23.223.17.209
23.49.133.210
34.111.194.12
34.96.71.22
35.201.125.192
37.252.171.21
52.222.214.61
91.228.74.244
95.101.111.184
02d1ebb44f6539e6642f55937b85bfacc624b5f21d7a6c1a53939f3bbc9deb61
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0
060de6fa0e8fb084932b15dd1264aa0fb4000d857c5feab8e6a8f1cfec5cd01e
0840fffbb26eb090245d3b943b6f04e48f8bf7c472d3cdc49492a73dc0e8ca23
086e621cfcac0a3d8f7d05e33fefd1b09cd8837c443f89c8a9bee2928cfed62d
09576a4031c2ebfb4c4e9b70b08ef26ffe7230c6a16eda706e02a12b28b84792
0c9a7c2f83b40533024d7988adf472a7288741a658bd614870ae962a54d1f41d
0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54
0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6
0eb1bcddd439c22603c63c97fbc82f70586068a13b31505872d0a94073ad34c3
10846c3ec731a4e370609caca1b0bac59c4c7f980b772a66a613586fa9737294
1238779b27a319a6dac5a54af8995be196e456de87dac40a5556d80853fbb761
136a1a4d5684cba1f04b04946a0f443af3a3b7abb4abde946fc0705ae489ccc9
15cc9439c3827f46817521e1e654d67bc2592f896250d97da785e81505a29345
16270c15435abfbd1e22c9a06378d29d8823f68d61216d61422d1b0b0643e776
165e3a9b29dd3c7cfc6eb330ace9284d6f8a4de52f34b78e4d84f6faa28206a7
18dec942dcdd0d259cbb7dfab85d8990438d9d7c0e53f6e1a4c34c1beaca6022
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f
2282dbd646a0e093b6315a3692cb2ab6c9bca68d46c01f7c6fba2f1ae924a953
22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178
239fdb6730e9f234b8b39d72ee99af8a762b69ed075c7cbbaf2751dceec1a0ed
23a05fbeb2200993b6bf590f2b18009098cc27fbe7e9bb10b79f8b8bb85e1a42
268dfa4007ddcf394e76cceaf431178163f3e33a2844ce9f038f7d5b5c8cf28f
2a4e748b01ca6bb2a1bc3e344a815e2b1a3e7f9a7de1be6ff0959f0e83f45d05
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0
2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
350b392ec44d00b6b789b546ce78ee429e6ea703c701fa916d3652cf315b6614
35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b
3600b030ef76b6efd7cb2388789614afac27fc1f83c814a701daaa227cef44d0
36dddcbd8045ce061726b0f8194e1a582de23d473ed771928caeb0ec85ecb93d
3807e44914c34f9e293702693b49039f774b1eef7798a0fa8dfbb3c1992e32dc
3818e71293245021a4db81e76832f162d45ff7cb518be638f0cc96797f7c2361
39bf39903f13015be8d51881021b517dcdce30b4c5b04475fb4af87b53f635a7
3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2
3bf66730127b0b457f8871712559825945586261b178ab7061a91d5e8d3f0dfa
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cd077a472169d94c46ff7fd76053a8440247f820d23fd9606629b60066c0062
3d54afbb87a714b1c6d92847e2ef757d15269970178c4233303cafa1616722ec
3dd910d834f9e8f313fd0a9dbadcf96301f942d2a046907111138a8ce87d6753
429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2
42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0
442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46c4c0628d61cf6aa41dedacdd3e15fd9e3e6234a3b9a18b4b69ff9d9c5842ca
4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5
4c38452d4117e2bb77829601aca27ac6584ebdf4d42ce505c0f7b1ae0f933147
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4df42d2eca12b4c135b63af085543410a6f33a973dc9b447b06fdf3163702004
516203c172e11d56f5b125558bafba7554132a322e3564d2a6a7a1aee2db075e
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
523e8e412693994fe6b7c57035ee70d6d0981da58428747101852ac0710fbded
557804ca07c2ab312bddc4c711c548563a1302a25eeebbff8dae19cbd4cc5e3a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a9c8a96b2d409c2295838d5e7c6182170f35aba3ec747dc2a818b96d8e8b23d
5bfa00cf23b38ea03bdcf0c04fabb32c8b1fb36b62f7bdabb5071ed6676701b3
5deb6f9cade54812153e467832fe3c01d0e81b8ae0a4039e9c234b161b9025c7
5e22ea5c930abbc085ab76916ce30cff31ab7aefc38bcb7dc1158b3c500303d8
5e5a43dfafa6b7448ffd7bac65fbc5d143ae7bc1ec9104c16900e9f294a46e0d
5fe64dd95a740fb72121daa90d115d03cb474c54420febb42dbab4b9f31d62e7
608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
645f75dbf15f9931d4c25509f2d3b55e8be7d97209957535382ecfd96658d7b2
652efd827c7d4bdbc5062da31da261ea6aff861b1735ab640eb5aea11e52deda
6751ec7ce49e73c33dbd4e03356d3f7de5fa2eadcc898c384bd76f590a29d9e0
676e66eeb5e721df2e68029d518067cece19d56d7e0b4a1c9a2e3c449a232bca
6790b63978d18c3003182620fadbd97236bf2ff6c3741911e61ea20df4ffb4af
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
70bb4dee8d5a8c4da670a1f6cdb4ed1de106409a3a627f8cb134a8733e4d1fee
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
78b166673ae72db9a05b2798eb5f46c45bd5611d9ebffb780508dded90bf1904
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
7b67b475ba0b22fcb8fb8914d2d40c55fbb6b49d8c02957fc5d49f563a615778
7be7f64dc1e7074084ee99aac559caa7790d324e8f9ca246dc7dc9e00adac98b
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
826354627bb80d8338c31b0d8752bc3c527c36eca6b6c248c28899aa61a454c3
82fbdd40d389186cc9d722802e13a36e75fa2fc4f548b9595a35ca43e2e630a2
86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07
898241655767777d954a01288720b8487c6bfcaf831a0243b1e19a5cc67906a3
89f5e612d1be23c76c63b9047ca4b649eaca252c5303d6ac4d15b63573330c71
8dd7b21967e3bbcd7aac40d2cc5cc1314370c348d74bbbca10216c64b4234c87
8f165f985e320dc59f197fbbb490da7c547d89887457ad09dfe75599c950bc7f
904a93f9ae361898613e763ca338a3ea0c4890c5c96417145e6716725b342319
90b024f2bb6ac5bf0a8a77160406044bc6e6549fbf7717a88af8e82023d9fa62
911e1f016949a72326ea2b2f623fd2e2e0fe9f0485eee20439aed767c2554e64
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9394d313280f38b966bdd12a469cc87306ad6c522b72c8e1fba3ce11ef56bb44
95ef911fcf12dfe0a1fb5b17a3b24fa81c6b07b102b435949b06e7e124de51cb
985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176
99c5c8d1040d32b66101e0927cb5c7c5bad06cc808fd6a4da553cb016d067563
9de89a0507d903a1a20cae731d14020f13d828fa82d05a2b748b1d8e62e644d7
9e347c398509851d680f4e2178b74bd3f24de921bacf4bca8d73cb9564a8c98d
9f0f8b97bbedd536c657c8509450f8dbcc3618032ee7b22577d6d6f00f6a0e47
9fe07ee1f76ed22f258cf241d8e8589bef009e936197447f719d179cbab7ae93
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b21f08b61e062f9814fda28c782d6b354fdf5f85d9686395c312d93e7ffe13
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a46caed64b8d6851b646a34bcf387c7983d2d1145edd009fd0e110ab1cdab86a
a4dc85d3a527083702be8eb34c8342dfd007efa82147e4101a008f17530ddbcd
a5c2eee915ed72695afcc7898018bf57c41e62c9b7b964e8de8bbbec9e895d2d
a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad
a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c
a8f57ae36e7533f330d488d78955b84759053d8890dbc12a940f5f16c0169c47
a9c575c2bf9b9f836806dc58aa0866cb558806fc5ea1ef2f4250a8c0b1be7278
a9c5b1a13a2f7df690eba5f5562a012c8287e104e75f3844158b759611b495a7
aa0fb12210395609982a73f34b179f54280417eb48f18497e9b6a964569c27a1
aa2b9523f8e317ac926848006540a6f0491f3688468d7aa564b3e0d35f3a3845
aa4fda18694f1e60c937933eebd752cc3ed0701652f0dfca84677c3267b26db9
ac3864489917666fbecfffece8e244b564f0b4c7304e68314802ba361d8943f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad514bcb3f2e982a190a5e963a29655f37824683a85f6b9ebe942ebd735e18ae
ad892170dcd93b3010823845f870e0049f7ddfa54b70ec72dfd842c9f9e052fe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0b36326e3e5b74624ee8b5de8273ea00f7bbe9b5ba0da6250cbe7b3c637505e
b4585d273cb4bfd228dfaede65217a0a8918615301c89a0f80fc4c4787215c53
b592cbd3146f76d70e35b1cb5807a0df441c83c29a5bc70d7b68c4269cc8444d
b7e3cad8e5b56efa52cdff5b6f68e15bebba0adb0fabc1c290fade72df119a68
bfa89fa8541c3a5419ef9c9cfd661ecf2a33acbefafee5178751d9b22a6f106e
c17625547e20f91e831da065cc127ac73b17df21ea578a3a87df6baabf58d47e
c2b094f33d25173f475f41a0526bbcb2acebf727a5239decda05553375d2920a
c310cdd062c775c861a51f3a5c1ed9cd381622cdbb938c3a62be59341ef066af
c35684d84fc5b1b0f68463362669810b17bf94a9de0bc053000f9c3f66bcc880
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c941a6979bbb1fce9ffa2a04a483436d1d8d3a0990556772d83af7c333ac43cf
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
c98bce22c29bde98d9e0d64e0ade97b9a86b3f419107643902eda5bc0aa0a8c4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc3765e6b208eada55a4c419461df2b40b359b18bfd5e5182490d0bb08d102a6
cd934d18b2a48ed04d6fe7f97745ab75bcf32cacfcef4c2b6bd21c8b624542d1
ce94ba43ce703b7b7710cc3d63aa581aeea6a30844eb015a8549c8f25105e934
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d0c690d682e9c95dd694a0dc7e4397c4cc377a602c7e8cd76be2178e593890ad
d2992931db929f1541337b2427833930743899025888d5df0cd8359179c3a6eb
d460644b622022d9683784e06ccc45c6e864076a7a4e118d21f3037ecee1e114
d50a796a476b1fcf5c96954fd3576ff056c278490683dce6f1504a9ded73edc1
d82b1a9a2cc1e98aab345965c63e6cdc6d5782d5ab2ddccc99edb4fa28058202
d8366292b6413e815888abbc34c7800df0b1d8101bff22e1f3ca1f34170a73b3
db6b4059b1420479d12e3711345ee96686dd7baae91b16c22fe3831ea8f54c88
dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e223abdb13c475b827e74fa29a44a98e26675402fb46513eadc875faca72305e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1
e3f966d376e56d597d0073d7830342450dd2da7cfd3b07da8304dcbe3cd1a467
e605b5e5b7c9854fa3acbec0326de0fbda080b24b1e473e4d9201c006213dd64
ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8
ea6fd34781a3ed74fe03b32c21b77e034009af1b5442a53d369cb7209f1e7a0c
ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339
f0e45adb60d1f9efffc0aaec90436ac5415c3196e8c8a9d75a1bb10233b59df3
f337adbe68c49f832f3a8c224fa5d9028e678deba5e21de873847667bbb7dee8
f3d804706c6ccb7955d146f5b9a86c200ee5788031e0c8601a0d758da2ce6e54
f3deafdceca8489bc6713e7ff9c3869c17177783edf1b56a39c20fc301dbfaaf
f7ab9ca81421d398f3d09903b4585a4dd82e56012a47f22f9e8182d99c3617b6
f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667
f8f35d55cbdd774face07a45ddd6c81038550e860d3d6ce6d2f22b7c89bc2012
fa308959966462d3ef5890122526efbfe12e868a30803cfaec0d4786d9ff54a3
fa688df996d472fb14d08bc17f7fe64c2b2e3ac38ae257f82cb0f4ca3fdcbe9d
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.trendmicro.com Open in urlscan Pro 2.19.244.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

98 %HTTPS

0 %IPv6

31 Domains

44 Subdomains

39 IPs

6 Countries

4128 kBTransfer

8648 kBSize

41 Cookies

70 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.trendmicro.com Open in urlscan Pro
2.19.244.199 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

98 %
HTTPS

0 %
IPv6

31
Domains

44
Subdomains

39
IPs

6
Countries

4128 kB
Transfer

8648 kB
Size

41
Cookies

195 HTTP transactions
0 data transactions