URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Submission: On March 27 via api from TR — Scanned from DE

Summary

This website contacted 38 IPs in 4 countries across 32 domains to perform 128 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.oligo.security.
TLS certificate: Issued by R3 on March 9th 2024. Valid for: 3 months.
This is the only time www.oligo.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
www.oligo.security | R3 | 2024-03-09 - 2024-06-07 | 3 months
*.website-files.com | Amazon RSA 2048 M03 | 2023-09-11 - 2024-10-08 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
hsappstatic.net | E1 | 2024-03-10 - 2024-06-08 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
tools.refokus.com | R3 | 2024-02-20 - 2024-05-20 | 3 months
*.hubspotonwebflow.com | R3 | 2024-03-15 - 2024-06-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
uploads-ssl.webflow.com | Amazon RSA 2048 M02 | 2023-07-29 - 2024-08-26 | a year
go.oligo.security | GTS CA 1P5 | 2024-03-07 - 2024-06-05 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
*.s3-us-west-2.amazonaws.com | Amazon RSA 2048 M01 | 2024-03-15 - 2025-02-15 | a year
a.omappapi.com | R3 | 2024-02-14 - 2024-05-14 | 3 months
cdn.privado.ai | Amazon RSA 2048 M02 | 2023-06-14 - 2024-07-12 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-01-30 - 2024-07-30 | 6 months
omappapi.com | GTS CA 1P5 | 2024-02-19 - 2024-05-19 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
hubapi.com | E1 | 2024-03-06 - 2024-06-04 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2024-01-06 - 2024-12-31 | a year
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-21 - 2025-01-20 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-03-21 - 2025-04-22 | a year
zi-scripts.com | GTS CA 1P5 | 2024-01-30 - 2024-04-29 | 3 months
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year
hubspotusercontent-eu1.net | Cloudflare Inc ECC CA-3 | 2023-12-26 - 2024-12-25 | a year
zoominfo.com | E1 | 2024-03-22 - 2024-06-20 | 3 months

This page contains 4 frames:

Primary Page: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Frame ID: 3ACD77787AE3887E00C425861A6E3180
Requests: 105 HTTP requests in this frame

Frame: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Frame ID: B95D5C6DF09CF41FD41530DF7EAF86AA
Requests: 27 HTTP requests in this frame

Frame: https://js-eu1.hsforms.net/forms/embed/v2.js
Frame ID: C00568B184E04D08D084DD6F2B7EBDFA
Requests: 3 HTTP requests in this frame

Frame: https://js-eu1.hsforms.net/forms/embed/v2.js
Frame ID: 54A673F6FB9FA2559AE2EFA83DC06DA9
Requests: 3 HTTP requests in this frame

Page Title

ShadowRay: First Known Attack Campaign Targeting AI Workloads Exploited In The Wild

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

128 Requests
98 % HTTPS
42 % IPv6
32 Domains
41 Subdomains
38 IPs
4 Countries
4934 kB Transfer
9934 kB Size
25 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.cdn.privado.ai/e4f3ad42fb264da7b4f5de414a529ba4.js HTTP 302
  • https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js
Request Chain 58
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&e_ipv6=AQKnCtmNOtukOAAAAY59rCXm3XJyMT3u-Zb8ZMBC7HtwfqoYXHtLVoK20ZlDv6w1Ew
Request Chain 123
  • https://js.hs-scripts.com/26088573.js?analyticsCommon=true&disableCollectedForms=true HTTP 307
  • https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true

128 HTTP transactions

Primary Request

Resource: shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Path: www.oligo.security/blog/
Size: 80 KB
x-fer: 26 KB
Type: Document

General

Full URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 97bc35b6214c3e3c19a04f7f8f19b6926410027740a9694fc86c39d7b570af1d

Security Headers

Content-Security-Policy: frame-ancestors 'self'
X-Frame-Options: SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 11325
content-encoding: gzip
content-length: 26198
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Wed, 27 Mar 2024 02:10:17 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-cluster-name: eu-west-1-prod-hosting-red
x-frame-options: SAMEORIGIN
x-lambda-id: f19ca17e-2dc9-4199-bd1e-5d743c733c4e
x-served-by: cache-iad-kcgs7200126-IAD, cache-dub4364-DUB
x-timer: S1711505417.086860,VS0,VE0
Reverse DNS
Software
AmazonS3 /
Resource Hash
d69d253fed41e9ac60430696a33b0cf1118c520a44484b03f76cf8b5a6b3a967

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
.huhORO0vJvDUUviW0zKmnD5cGdNbdE2
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
70489
last-modified
Thu, 21 Mar 2024 08:06:48 GMT
server
AmazonS3
etag
"51314f2307960c6865ba421638c81bef"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
yN9KuGlTM7wRur6ofpR7gjnUSXpSnROP_9zNFcby-DP-2TuhKyJ9vA==
65fbeaa0d92483225ea7f08d_RKUHc5Y0ZTPCwzIoG2DeZfoFJ06vk8tvLQsbpVA8bhdQnsimLBoX_comgoa5-2r-aOr5grqJc6UpMaYuAGuZH9xkQGoZBXS1Bp9l8xOf0dvK9hUQeEn2tAUZSeU-lX4sFfhECAyKJ1Ejq9MKLhrEMus.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
41 KB
41 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeaa0d92483225ea7f08d_RKUHc5Y0ZTPCwzIoG2DeZfoFJ06vk8tvLQsbpVA8bhdQnsimLBoX_comgoa5-2r-aOr5grqJc6UpMaYuAGuZH9xkQGoZBXS1Bp9l8xOf0dvK9hUQeEn2tAUZSeU-lX4sFfhECAyKJ1Ejq9MKLhrEMus.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abcf6e88eb8162224f54ada6eeba59fc9f49e98b8e70e23a05475e964a13059e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
NByU52Yd88VsCdd.aOJ7ERNG4rekXQ3i
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
41680
last-modified
Thu, 21 Mar 2024 08:06:57 GMT
server
AmazonS3
etag
"c4a59d0d5b976bdb3036dbd2e3cc5d13"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
PwiY4-eA1SmVEETziwisCCpncxpQe8__MLO5sNMt2GZFDjQIDNs_Xw==
65fddc958fb21fa93a34cbc6___QS_DWI4DgfXZd7ouf9Cf2AaQHSRsjWssZLoLmZecAlxtIF2aCtdmR8d3XW_yPddAnkqLmnmZQeZcnG89_iCYjRu8S-jezZh7s5yrbmwTLySZT5UvIZ2VTVh8S-0c0QUEFEistL2Sr7QbGpnWDKfxg.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
25 KB
25 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddc958fb21fa93a34cbc6___QS_DWI4DgfXZd7ouf9Cf2AaQHSRsjWssZLoLmZecAlxtIF2aCtdmR8d3XW_yPddAnkqLmnmZQeZcnG89_iCYjRu8S-jezZh7s5yrbmwTLySZT5UvIZ2VTVh8S-0c0QUEFEistL2Sr7QbGpnWDKfxg.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
607faa1c7e1f0227d937e00d686110ff94ba673cb5fc0201208ff3cd140c21f8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
3Wk6uS4aSl5hxpHDeNoxP.KcANSDEcmg
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25498
last-modified
Fri, 22 Mar 2024 19:31:34 GMT
server
AmazonS3
etag
"dfeea9efb60dd02566c282f3e66d816c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
O4C65MbrV9I84eTxX3xDF_o6csSJ9o2ZEVCOtRXG128sKEO5rTGcZQ==
65fbeab6d292e9741e331e10__wsQe4DyVnH8EDM34oS3-zD_sM0w4N59C8U6tZIKG1AN_IjLx-nlq9ouKeey2riKMVuPjBFYrnoPZHUzjt-Zho3_z-0y_taG1jia-G_BvtRaE8FeKHP45c3xhPElqsrru7jqt7Vo1RTcNfBdiat1IH0.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
52 KB
53 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeab6d292e9741e331e10__wsQe4DyVnH8EDM34oS3-zD_sM0w4N59C8U6tZIKG1AN_IjLx-nlq9ouKeey2riKMVuPjBFYrnoPZHUzjt-Zho3_z-0y_taG1jia-G_BvtRaE8FeKHP45c3xhPElqsrru7jqt7Vo1RTcNfBdiat1IH0.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8497eceacd3a2fe272163790e0900267e08857dfd9d6ee6bef27eda6d9a52cf4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
.JNmK0xBs19dO.alnK0mctHikCdbYq.B
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
53603
last-modified
Thu, 21 Mar 2024 08:07:19 GMT
server
AmazonS3
etag
"f28d48113439d0e2db41a540267065c1"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
OlVFjKKM4ufs1T6zIc28TJAl3aTMZwdnK1pA9KH4eaUg9k1Bpw24LQ==
65fddcef15505ae30ab7a876_10qAhajSBriAiBUH333DqYjVXquFdt38QvgXQetpv44UXJz-4zKbZMeLLMGXEYCI1ZlkG_niymvyHb-O6vrboZydGoriB5-QWMXMK0Oop56P8ZHGBmvZurWa7PdAm8QipzafzPght1qzD6uKFN0GOmk.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
27 KB
27 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddcef15505ae30ab7a876_10qAhajSBriAiBUH333DqYjVXquFdt38QvgXQetpv44UXJz-4zKbZMeLLMGXEYCI1ZlkG_niymvyHb-O6vrboZydGoriB5-QWMXMK0Oop56P8ZHGBmvZurWa7PdAm8QipzafzPght1qzD6uKFN0GOmk.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc635ae3eeeba663545c699be478ea5e4c69d9eac236741f57bdf6b2d66d0b7e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
MWuBBv8LTKSUiz3LwXsJELoRa5Y_MLdT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27197
last-modified
Fri, 22 Mar 2024 19:33:04 GMT
server
AmazonS3
etag
"6efb78724b538312e74e2af6f207d7cf"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
UUs0EUQTmoQJ-yNZJVahQkfJ8C7SbiMwddE575SGOmEFkXexKSrw6Q==
65fddd083ad3fcd645d7a242_sYJ1Gcfx68erkfxCO-541k5IeY9zWm-MAUuCMmez2qYHqvzlrbTp4MbwqNKdoDjTxKrNITZwSs3Sb48FMwi600leozXXxyoCUbxNLNIm4exxAsUbeE2mnKr-v_ZeJTiQh11fRk5Sdn2TMwJ4AWS-7h8.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
49 KB
49 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddd083ad3fcd645d7a242_sYJ1Gcfx68erkfxCO-541k5IeY9zWm-MAUuCMmez2qYHqvzlrbTp4MbwqNKdoDjTxKrNITZwSs3Sb48FMwi600leozXXxyoCUbxNLNIm4exxAsUbeE2mnKr-v_ZeJTiQh11fRk5Sdn2TMwJ4AWS-7h8.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7f277f8e31f439310633aca2221f239757f398b4815170fe78bb67f9ac3d4bd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
vkOao6EG7OWb_dVXTLeC.7HofCQQSNwm
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
49933
last-modified
Fri, 22 Mar 2024 19:33:29 GMT
server
AmazonS3
etag
"12b36892a305b48a7cac014365270837"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Heksq53vsBHxQbhH0FDWzpE9zv4vp8wxLJ4RpzYACu6tHxoCpmCqsw==
65fddd1e3dc1735e2e9f1920_ptb0Jgz7arATJATl4igW7BLQHQ972R5Rb1FFPb_zj9sdoRBXOS0yqOv2Hr3Ac-kuAD1dmUZYxlXWAeMmNKBJaGKJQ1o0VKrBCOC-0-SUceqIjh2vX6G7bqBOixrBGgWaj-BkrmSztSfqX_gGUzfRYkg.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
142 KB
143 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddd1e3dc1735e2e9f1920_ptb0Jgz7arATJATl4igW7BLQHQ972R5Rb1FFPb_zj9sdoRBXOS0yqOv2Hr3Ac-kuAD1dmUZYxlXWAeMmNKBJaGKJQ1o0VKrBCOC-0-SUceqIjh2vX6G7bqBOixrBGgWaj-BkrmSztSfqX_gGUzfRYkg.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1855684354322fc3bdc37ee15f34f614e8e3b83ce5e047e0080fde4adad3f01

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
2HN_meOZTkjnyHjCoUbPbUEgGMTFuBF5
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
145826
last-modified
Fri, 22 Mar 2024 19:33:51 GMT
server
AmazonS3
etag
"e5d7877b10f0f649fdcdbde6c4b763c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
l8GeF90LfOMGFV2Y9SYYPgzCJP_ZvDSOlrDtajt3X0mBHZDPZazvlQ==
65fbeac9b534167645cbe97a_W1Vj5dhZSR6OaDiIf5ENTawboZN1S0tFL71p2MoYOI0UyFkSlo9nXZ39UjS_LG_QbqPBkNzS2zB8SelPCm1O2eDjj7gk0PofC-aChj088I47A41qTwCA5cg8VNej6-NuAYTIcXz8Cmy6jDx1XWCgc2I.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
59 KB
60 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeac9b534167645cbe97a_W1Vj5dhZSR6OaDiIf5ENTawboZN1S0tFL71p2MoYOI0UyFkSlo9nXZ39UjS_LG_QbqPBkNzS2zB8SelPCm1O2eDjj7gk0PofC-aChj088I47A41qTwCA5cg8VNej6-NuAYTIcXz8Cmy6jDx1XWCgc2I.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e0f489313e71e838e3612fa89eed40f75775ddbce9761c3a51e1e6d7891b696

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
5ipVN3cBrfzEcXKn23.wm1O_nT1RkVPO
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
60607
last-modified
Thu, 21 Mar 2024 08:07:38 GMT
server
AmazonS3
etag
"7a406b9138c70c261cbf5ff5ca72b575"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
55z38wcoqOhO_ukPP-Jc75SdPMhNsb4FiVGYaPWVlC7FO4yHlMed4w==
65fbeafbab4f9c13e1630bda_aBaJ8FZy-rPGOj4x-s6UIiq-V6UqaNBfWsheIiKRhR2mIkYX0SUdQcFsPcaNbn0EerWG-w5bnareUX9chy-AW4YqtUFz0C81lC5qEjA5o0BCblxru_tlZdS_y3-AcMCbBzPTS2TBszDnpdYP0AV2wpA.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
77 KB
77 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeafbab4f9c13e1630bda_aBaJ8FZy-rPGOj4x-s6UIiq-V6UqaNBfWsheIiKRhR2mIkYX0SUdQcFsPcaNbn0EerWG-w5bnareUX9chy-AW4YqtUFz0C81lC5qEjA5o0BCblxru_tlZdS_y3-AcMCbBzPTS2TBszDnpdYP0AV2wpA.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2462db02cfe62c7c80a191cef8b928fa4cfdfcabd83939f655581fadd8c8e3e7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
LO.eYdp5RDbTIC0ShQ.KgSZZy5WaT9uX
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
78407
last-modified
Thu, 21 Mar 2024 08:08:28 GMT
server
AmazonS3
etag
"57a5a05e0efa660b95b5339f33bc9a1d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
VMs62aryDUqlwQ4Wc9a92ecasKRTk9qyTpIaSjJPtJ9SFdfbGmKCEw==
65fbeb50104e90dcc8a7ca8b_7pwsBiluSYq2ZObZHLzr2lX1ozIbWYsX0spqtn8H_xcWc64EvyEefpPorATGyWQpymjr9EdmqqIa3kuBu5bkZ5kV-0yreOiPA_zJJjRYl9QeqqcE4q3bmw_k95huN7V9VW4iXLfYk3UzP6OEfPtQDDE.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
83 KB
84 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeb50104e90dcc8a7ca8b_7pwsBiluSYq2ZObZHLzr2lX1ozIbWYsX0spqtn8H_xcWc64EvyEefpPorATGyWQpymjr9EdmqqIa3kuBu5bkZ5kV-0yreOiPA_zJJjRYl9QeqqcE4q3bmw_k95huN7V9VW4iXLfYk3UzP6OEfPtQDDE.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e3dc59aa1d62442c0d6fe79f2f2fd8d6a8fb27c3221959a6dfa5b60d26e3cc8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
ZzSiyeqYJDjL2SMxl1AZhcRhzy7kN2AI
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
85067
last-modified
Thu, 21 Mar 2024 08:10:25 GMT
server
AmazonS3
etag
"5ca7b728aff10cf16ad461267efcb47e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
HftX6MV4wyuG0wRV0eQb3bNqxkgzYKPpOlAeaQc0zFxJkmb0aEYnlg==
MeetingsEmbedCode.js
static.hsappstatic.net/MeetingsEmbed/ex/
3 KB
2 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c59568d0910e070f81e4f29256bcd83e5fa9217230e2eeb5b2f1cce66f15d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
0H06Jeb69M5qyLr6cQ1bvQxv.WKt8jX5
via
1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
26
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 06 Feb 2024 16:44:19 GMT
server
cloudflare
etag
W/"bf38f9c2121bff527bb6c2db7f7480df"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYcOXpTUvf9pPt2sk2cUB8r8kvywmZghtw0k2s674bq1j5bumyBUeHeTuh4ogwfxDBemq41TS6xZI9UVk19zKbze6ts%2FkWa6QgKL0W9IbcXRXYali9sYM3jur7FRv3Ulk93e%2FS0%2BMCRNHqEf%2BxE%2B2VnKX00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=60
cf-ray
86abd7d9b8033815-FRA
x-amz-cf-id
TwqRqiN1v8V9etv3T06mqJHQeHw-DaQX-ziZYB0UMZsSqyXwfMNLuA==
expires
Wed, 27 Mar 2024 02:11:17 GMT
v2.js
js-eu1.hsforms.net/forms/embed/
481 KB
154 KB
Script
General
Full URL
https://js-eu1.hsforms.net/forms/embed/v2.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
64
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4774/bundles/project-v2.js&cfRay=86abd64b59161b36-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"9485dc4b1fa9efefba4862f8a0581794"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4774/bundles/project-v2.js
date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
9d7EqS.wP16C3hZhn1hsKrzc1cSTV7NB
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
25a1a5fa-041d-4960-8c82-80c7cc64a4d2
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
25a1a5fa-041d-4960-8c82-80c7cc64a4d2
last-modified
Thu, 29 Feb 2024 15:14:22 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObROZ3kkcDP6EruKV7Ogx4N96AgW%2BuNwWool84QdRTHeQ6mgrMuS%2FPdVrFkPOQDT37CeZ86QhcG4N8fSNq2Tal5D91xr62IsDVIQnY9twBHLj7Niw3Givq5L1SNHEmrIvQFanw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-87cgv
cf-ray
86abd7d9ff392c04-FRA
x-amz-cf-id
SGoFS60e2-SuMIPhJdG0kYNR2nvDS7AyRxE_o7oWs_1YAtYYAlPapw==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63dbb928e89213590c5bfd53
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-40.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:21:53 GMT
content-encoding
br
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
age
31705
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
DaZsFL-idMKEgohb52Hypg_SNwehZmQI04kw6n3c5ye_YG-LE0l7Sg==
webflow.adfd53a61.js
assets-global.website-files.com/63dbb928e89213590c5bfd53/js/
709 KB
180 KB
Script
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/js/webflow.adfd53a61.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b7d510e44c3eba9679f7434461a25fecb13e08adc4944d400a656af7c9789d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Agd7mVaIDxN9y8eNHUYCs6h.Nmkldhl8
content-encoding
gzip
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 13:11:15 GMT
age
47250
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
183283
last-modified
Mon, 25 Mar 2024 13:32:23 GMT
server
AmazonS3
etag
"bef8ffc5ac828186421f3c87905d64be"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
kqE8-OftjpTBTEuIU5HrehShohZohygc1X4My9AdH3AO8mcZVtLfUg==
e4f3ad42fb264da7b4f5de414a529ba4_EU.js
cdn.privado.ai/geo/
Redirect Chain
  • https://www.cdn.privado.ai/e4f3ad42fb264da7b4f5de414a529ba4.js
  • https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js
54 KB
55 KB
Script
General
Full URL
https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Server
2600:9000:225e:9600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
837dc33fac63d6506e34040fd85378926877131f88aa8814d062125edde98173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 06:35:22 GMT
x-amz-version-id
gvaDxZ4dnmo4LOqGaUOUcdljv2QH4X35
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2024 18:37:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
761695
etag
"126c3d81bfd62f6aeeb4d51a807ff0dd"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
55502
x-amz-cf-id
XVLT2n3KtXPDtF5A9XCzcpBTs0RLr5j-_yUjh80Vr9dz5tlAVKsgPg==

Redirect headers

date
Tue, 26 Mar 2024 10:36:58 GMT
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P4
age
55999
x-cache
Hit from cloudfront
location
https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js
content-length
0
x-amz-cf-id
kZVUiH2hcM85TsL-mbHDfOSVtlD_cfDEHJ1S_WbsqrvUuvtxINypNg==
bundle.v1.0.0.js
tools.refokus.com/social-share/
2 KB
1 KB
Script
General
Full URL
https://tools.refokus.com/social-share/bundle.v1.0.0.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
57a1be218332ffe88ab1757b2786ea6c193456814044ac6ca5aed7ef6e292e13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::d6rxl-1711505417234-f19f56ae2068
age
5331594
etag
W/"5ab5e077823e9ac9fe87506050035832"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="bundle.v1.0.0.js"
form-124.js
hubspotonwebflow.com/assets/js/
10 KB
3 KB
Script
General
Full URL
https://hubspotonwebflow.com/assets/js/form-124.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::2lb6x-1711505417232-16c2a2ec3215
age
531277
x-matched-path
/assets/js/form-124.js
etag
W/"392ca1f460caa2aa9439969a89f31c13"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="form-124.js"
gtm.js
www.googletagmanager.com/
252 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54a127aa2a56b284595900bd4569203c090fd3e8088154d074136ba55b13f7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90908
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Mar 2024 02:10:17 GMT
63e8f3f05b939f21199f79e6_Runtime%20application%20security%20and%20observability%20-%20Oligo%20blog%20vis.svg
assets-global.website-files.com/63dbb928e89213590c5bfd53/
3 KB
1 KB
Image
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e8f3f05b939f21199f79e6_Runtime%20application%20security%20and%20observability%20-%20Oligo%20blog%20vis.svg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.33f9bbd00.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1df30db67bd1142700a1d2d22015595e8f2c0ae5cdb429d10ba2404adef7d7d0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.33f9bbd00.min.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 04 Feb 2024 18:07:13 GMT
x-amz-version-id
x2f7bVZMdFn4ZyioNVEJT9.uJzR5or2L
content-encoding
br
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
4435385
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 12 Feb 2023 14:13:05 GMT
server
AmazonS3
etag
W/"4b4656ca97e042a02ff500611312ff2b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
75TOl3BhaD3shgRNfWKm6VmEMk2fExETFuRFLZBOZ9Lmzaj-6Tyhjg==
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
651e74a0767b9c73701282b7_Gilroy-Regular.ttf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
142 KB
56 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/651e74a0767b9c73701282b7_Gilroy-Regular.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.33f9bbd00.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 10 Dec 2023 07:06:04 GMT
x-amz-version-id
oexasRtVcyRcChHliJIa93hv1qQmICmj
content-encoding
br
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
age
9313453
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 05 Oct 2023 08:32:34 GMT
server
AmazonS3
etag
W/"31ff7c1a62a300dbbf9656b4ba14a0d5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
n6D6wHNFHktOmGWC_gkJGimOcW2eWlVcIHy0yUfri5BlGpLr_mOMZQ==
6576ffeefa5c1d59c4af77ef_Gilroy-Bold.otf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
54 KB
55 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/6576ffeefa5c1d59c4af77ef_Gilroy-Bold.otf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.33f9bbd00.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 23 Dec 2023 05:34:14 GMT
x-amz-version-id
Z0WqSiEDth.v.8BTxpuVItipsTAKJAnb
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
age
8195764
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55376
last-modified
Mon, 11 Dec 2023 12:26:23 GMT
server
AmazonS3
etag
"17cb9303df7b7264b9c4ef0953366617"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
sDXICR7btXKjXuJTQF080yoGdjsskTVge2Y8-aAva8vRLfQoWuE-Hg==
651e74ad93ac287a277918eb_Gilroy-Medium.ttf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
140 KB
57 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/651e74ad93ac287a277918eb_Gilroy-Medium.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.33f9bbd00.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b3c84352c6a0d8a3479b528b8d8336ddb1cef0da8b81dea0e41a930d56523fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Dec 2023 08:59:30 GMT
x-amz-version-id
svhvpGz_XPuJp67RfZy085V84.J.osOF
content-encoding
br
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
age
8701848
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 11 Dec 2023 12:22:36 GMT
server
AmazonS3
etag
W/"c83281ae1ca703d0741a770ee7e7c091"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
-TBLtXGqG7TR1iWvs18jFT93b-LYKekxFR8dDiGycQdJV446W_EPsg==
63e7f5d22d65536cbe69286e_Runtime%20application%20security%20and%20observability%20-%20Oligo%20logo.svg
assets-global.website-files.com/63dbb928e89213590c5bfd53/
5 KB
3 KB
Image
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e7f5d22d65536cbe69286e_Runtime%20application%20security%20and%20observability%20-%20Oligo%20logo.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8fb1dc8293237359c2422f574d9b9529f57c1efd83611e0174823c5c11c01d7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 11 Feb 2024 12:05:05 GMT
x-amz-version-id
5vpQ4Vr6HaN8rvBhDP3LKBrnFvavKBlZ
content-encoding
gzip
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
3852313
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 11 Feb 2023 20:08:52 GMT
server
AmazonS3
etag
W/"003d807c691248fe7013c63a14b30a12"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
b7Crz-e5Y8vSqvj3lEACyNVT7GHShzSPbL1aCSxk8dKe8NQ75B5aZA==
65fbd7d106f822c9e08dcb85_Avi-Lumelsky-p-500.jpeg
assets-global.website-files.com/63e8dd453f71270c6845992b/
17 KB
17 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbd7d106f822c9e08dcb85_Avi-Lumelsky-p-500.jpeg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf26427ca5bfce7aa44f313cabe1275052f82eb4d565a5c49c5849be9d72940f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:35:55 GMT
x-amz-version-id
K49UKeApz3qrH2skUssDpkKrTEeBvYJd
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
52463
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17089
last-modified
Thu, 21 Mar 2024 06:46:44 GMT
server
AmazonS3
etag
"1eea2170f9d5b151badf5bd03897f9a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
CkYPS0tsJhlOOdkn6YFs7XNbLsYRI_To9GnnB7IQL8vjGHzk8P-owg==
651c02cddfd2791d719a7f14_Ellipse%203617.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
14 KB
14 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/651c02cddfd2791d719a7f14_Ellipse%203617.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b052ae02766f3a5f58f1c9204da57d64df5f5c01840c367cea6ec4a4568a84a9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 06 Mar 2024 08:32:39 GMT
x-amz-version-id
9ZoqiOGCPzSlp2r.EcSj44PNZ3pgnI5b
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
1791459
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14117
last-modified
Tue, 03 Oct 2023 12:02:23 GMT
server
AmazonS3
etag
"15cc1bbdf7982afcaac24ddb2c340fe9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ghS5-WKnY_jaG8zbjIJfQOddUVWypahxjeA7IFLqK3ZeQWlLRmBb1w==
651c02da27d2a4f4f97b5e79_Ellipse%203618.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
14 KB
15 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/651c02da27d2a4f4f97b5e79_Ellipse%203618.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4422814965de8256ef5f3e608d5052400d213cd2689758377faad24342a0170d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 08 Mar 2024 09:43:23 GMT
x-amz-version-id
Y1pfVyK8b4J1yLM6aOZSnLbpd9eCBw5g
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
1614415
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14654
last-modified
Tue, 03 Oct 2023 12:02:35 GMT
server
AmazonS3
etag
"3cc881439fd2afdbd64b553558fdbdd8"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
poHw_NY1IrstQDERsafpZl_pLyEslG21fYd82yzuD9jsFYJr4IGcaQ==
63e699a712777076bc9d3685_linkedin.svg
assets-global.website-files.com/63dbb928e89213590c5bfd53/
940 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e699a712777076bc9d3685_linkedin.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c867b00c1dbd3c7ac3af53d79d20ac9db3179579887db5bc6f4d071ab993c392

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 13:40:28 GMT
x-amz-version-id
e9VxNuEjCkHK9J9zxzOSKdwTs5.6uTQT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
3673789
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
940
last-modified
Fri, 10 Feb 2023 19:23:21 GMT
server
AmazonS3
etag
"d24c7fc14f2a5f6e6d897795dd234cb5"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
l3KijijNimHaJKGaOi3cAY1CKA5KEJimolmGtNZXKViqWy4htFtIgg==
63e699d3bafcc396e9c866d1_Twitter.svg
assets-global.website-files.com/63dbb928e89213590c5bfd53/
974 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e699d3bafcc396e9c866d1_Twitter.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dc092306d243a19a04da12bf4ba5cf495be8e33623db482ac0e6e66a6634146

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Jan 2024 13:28:32 GMT
x-amz-version-id
3VQMc_vvl_O8XD6RkqO9OFp46uYe6VXO
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
5316106
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
974
last-modified
Fri, 10 Feb 2023 19:24:05 GMT
server
AmazonS3
etag
"da7677e082bdcea6a6009605193def93"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
yVGI0wTfyfuDyTUcwa8GL5FctYsW_0ez7k8RKkPYiumCTWlSGbpx6g==
63e699ecce4fe7680bc34437_facebook.svg
assets-global.website-files.com/63dbb928e89213590c5bfd53/
625 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e699ecce4fe7680bc34437_facebook.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91a3ed526e58ba6845c3ceebaeba0095c76e9ea6c5b2ce1e174aa3603589a4aa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 06 Mar 2024 09:58:35 GMT
x-amz-version-id
vyyEeFrkOkZ.YdJWhBmcZUr4Z_dl0ZB.
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
1786302
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
625
last-modified
Fri, 10 Feb 2023 19:24:30 GMT
server
AmazonS3
etag
"3d94d6140ce4a9ff4736f46a00a2c666"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
TwLMSoy46PCPHpshk7f9Y36V_GCyrTuyBtd6wphTWCVGAuucQTYcCw==
64906dd5a836ca42170a1cf7_link.svg
assets-global.website-files.com/63dbb928e89213590c5bfd53/
1 KB
1 KB
Image
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/64906dd5a836ca42170a1cf7_link.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a906213da48e61ce93ef61ee36def14e7bdae38449e1de2fe35306eac10eefd1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 04 Feb 2024 18:07:13 GMT
x-amz-version-id
vFQYOx1da5athJORDhQlVQXVFWDUKBZH
content-encoding
br
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
4435384
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 19 Jun 2023 15:01:43 GMT
server
AmazonS3
etag
W/"cea4105bd5f06758d90b7f563aebf207"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
O_t6MjysLLudMSnAH5Kls1Rvx876QMKiZSSULrTmP9jxzixrJnUr-g==
65fbd7ec31cf9a3136347682_ShadowRay.png
assets-global.website-files.com/63e8dd453f71270c6845992b/
794 KB
796 KB
Image
General
Full URL
https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbd7ec31cf9a3136347682_ShadowRay.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bdc3d456eed7e35b565f0034b9097a78e51658611ab33926084b8bab5835acb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:12:45 GMT
x-amz-version-id
n5Pxi.eRaDheXEpJglCP3lfkXQwZ6B3U
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
122252
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
813250
last-modified
Thu, 21 Mar 2024 06:47:10 GMT
server
AmazonS3
etag
"15276c5af9c9dcd347aa64bc1fa4f607"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
OkgfioIdBikJRHVLX-F8LXYZLdTO_VPjtQ_x6-yMP7m7KeJ70ZvdmA==
highlight.min.js
cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/
113 KB
40 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/codehighlight.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1828162a4978444dfe33f4cd1f977f17cd13cf7d0f413f8eb9bab9437239736d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1157206
x-jsd-version
11.4.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230041-FRA, cache-lga21926-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1c30f-0mStFr3znP7CsGwgIjuH/LN60ns"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rV%2FSpVejW4v6UIi1CabV315WvDde3VPvjkgZQ5GtwIY2t%2BmU703%2BISOxBoW6whKDpvnDr239Hc4nbp1hMLKCszZ%2FR7buOJEI%2BSwa2Cx14g%2BytqsEtXwpZyU1ZbA1Eu6hRJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
86abd7d9be8971c1-FRA
shadowray
go.oligo.security/meetings/mktg/ Frame B95D
63 KB
23 KB
Document
General
Full URL
https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be901374ec2c5c851090143dc809ad6b2eb8b2b850c6f870bec849bc3d96181a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

Referer
https://www.oligo.security/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
22287
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
HIT
cf-ray
86abd7dc59372bf1-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net snap.licdn.com www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net googleads.g.doubleclick.net www.googleadservices.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=MeetingsPublic/static-1.40200/html/public-eu1.html&cfRay=86abd7dc64372bf1&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fmeetings%2Fmktg%2Fshadowray%3Fembed%3Dtrue%26parentHubspotUtk%3D51a5651d47027800ab1dbb0e123bd5e2%26parentPageUrl%3Dhttps%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&referrer=https%3A%2F%2Fwww.oligo.security%2F&cfenv=prod&pdt=2024-03-27&csp=ro
content-type
text/html; charset=utf-8
date
Wed, 27 Mar 2024 02:10:17 GMT
expires
Thu, 28 Mar 2024 02:10:17 GMT
last-modified
Mon, 18 Mar 2024 19:53:39 GMT
nel
{"report_to":"nel","max_age":86400}
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=86abd7dc64372bf1&resource=MeetingsPublic/static-1.40200/html/public-eu1.html"
server
cloudflare
server-timing
cfr;desc=86abd7dc64372bf1, d;desc="MeetingsPublic-eu1#f4d1a2f5-85da-42d2-9dae-ee82c598e360"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
x-amz-cf-id
MTayHok_JXwEmT1qwINvuFo8C-cidaDL9RZgOdrLzHX-oj348TB6aA==
x-amz-cf-pop
FRA60-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
T6Gg1wX7HvNIpjtReXYG7kx_DV8gw.LS
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-hs-target-asset
MeetingsPublic/static-1.40200/html/public-eu1.html
x-hs-worker-debug-mode
false
js
www.googletagmanager.com/gtag/
291 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MF9NP2JYC7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0dc887fccdabdf77dceceb851192671a38afeedffdf6cd70caad68e0702a341c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100364
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 27 Mar 2024 02:10:17 GMT
destination
www.googletagmanager.com/gtag/
247 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11293028927&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7cb89c7c493a7084bc0f10e9b812bc8fddf899f612decfa2cc38d5c1603929ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88078
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Mar 2024 02:10:17 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
48 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=27697
accept-ranges
bytes
content-length
17224
26088573.js
js-eu1.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js-eu1.hs-scripts.com/26088573.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de4f0c604da688c0646b0559de0d2a442a9bc72cc6d2329952c210f27605a64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
f8d4f468-515b-481e-b66b-22748d53b893
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=2028
age
3637
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
f8d4f468-515b-481e-b66b-22748d53b893
cf-bgj
minify
last-modified
Wed, 27 Mar 2024 01:09:40 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-77d7fcd6b5-l66hw
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
86abd7da992371d0-FRA
reb2b.js.gz
s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQOQRJHZP062/
15 KB
5 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQOQRJHZP062/reb2b.js.gz
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.154.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
631974bf68d8d7a9b29cb68f0f75d05dc6b431173092c9be7b1b7616d73e4f02

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 02:10:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2024 16:06:09 GMT
Server
AmazonS3
x-amz-request-id
T24G08ZQ6GDXX62N
ETag
"78df7714c0f58acbce99c6f77db640b8"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=172800
Accept-Ranges
bytes
Content-Length
4127
x-amz-id-2
W4Zr5TbHznCVPdlSTARjQIugvf2aOFcnZc+cLJzFP7WH6AoS1WDyfuqK7JitDSrH8dddMZyxEyA=
Expires
Wed, 13 Mar 2024 16:06:08 GMT
json
forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/
8 KB
4 KB
XHR
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/json?hs_static_app=forms-embed&hs_static_app_version=1.4774&X-HubSpot-Static-App-Info=forms-embed-1.4774
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748100335a43224e4fd71624dfbef0f17c70413178460610fb322c70eb691a88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Origin-Hublet
eu1
Date
Wed, 27 Mar 2024 02:10:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
6fe49ad5-00c7-4e4b-862c-0829e96f3b09
Transfer-Encoding
chunked
x-envoy-upstream-service-time
14
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6fe49ad5-00c7-4e4b-862c-0829e96f3b09
Server
cloudflare
X-Trace
2BD56742B7B639CB6CF2B75D0F2F759C1A6B8BDEE9000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.oligo.security
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
86abd7dadc0a39da-FRA
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-58dc5458ff-8dd2n
json
forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/
8 KB
4 KB
XHR
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/json?hs_static_app=forms-embed&hs_static_app_version=1.4774&X-HubSpot-Static-App-Info=forms-embed-1.4774
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83ea14d78beef9ed669a48dce3dcba9b35378af42f72cde7b78df2a9e048675b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Origin-Hublet
eu1
Date
Wed, 27 Mar 2024 02:10:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
5324be71-af68-4927-8c4d-f0c9d3f2557e
Transfer-Encoding
chunked
x-envoy-upstream-service-time
13
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5324be71-af68-4927-8c4d-f0c9d3f2557e
Server
cloudflare
X-Trace
2B252245D4089ED3C3A650342A6501F024D9B87845000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.oligo.security
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
86abd7dadfd82c39-FRA
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-58dc5458ff-lwrvs
651e74c6e78c11856ab61c5a_Gilroy-SemiBold.ttf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
137 KB
57 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/651e74c6e78c11856ab61c5a_Gilroy-SemiBold.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.33f9bbd00.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b4f5562de072aa2884798b9fdb2329ad4122d972a1bf2f58fe645b9623b0590

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jan 2024 07:00:37 GMT
x-amz-version-id
vSbaHMcDYJkUdL3hvmaQ5PpWXDh6y8qt
content-encoding
br
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
age
6980981
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 05 Oct 2023 08:33:11 GMT
server
AmazonS3
etag
W/"a5cf732b15078843b237bd58f3ed44cd"
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
VNbJzM-KAWOwLKQlMcN0MAdoHoYXNpVi3DWZOB3SnU1LQC0rBUsRyQ==
api.min.js
a.omappapi.com/app/js/
51 KB
18 KB
Script
General
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7c30ea86cee07091748087becac959aaa4c528d522a604e27ae35fec322c4248

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-663
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Mon, 25 Mar 2024 18:19:30 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6601c032-cbe7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5e7cdcef3630826becdc2ebd0a433fa9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
indexV1.css
cdn.privado.ai/version/
9 KB
2 KB
Stylesheet
General
Full URL
https://cdn.privado.ai/version/indexV1.css
Requested by
Host: text
URL: data:text/css,@import%20url%28%27https%3A//cdn.privado.ai/version/indexV1.css%27%29%3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9ce9e5ab558f8774690620818b8c908516eb0973fd8d8c5890ee914e2f3dd0b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_B0eOEcwYdXpeMn_c.asx3DOx0uy2s80
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Wed, 27 Mar 2024 00:43:14 GMT
last-modified
Tue, 04 Oct 2022 20:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
70537
x-amz-server-side-encryption
AES256
etag
W/"0813fc920138afc00257b34ac67ec0fe"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
lff_7VGqYZ5Vx9zXOvPyDd4DDAUSauUTyeUCk0-TDU-uFob4yUokVA==
truncated
/
58 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a729bf8c024d5760c02ecaba0804fce0c8256bcba9b507a3bfc528a9a366d6ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
text/css
/
px.ads.linkedin.com/wa/
0
702 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.oligo.security/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 540DB0813FEF476EACCF248A9BE062C9 Ref B: FRAEDGE2016 Ref C: 2024-03-27T02:10:17Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.oligo.security
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYUmuhxU4Cxu9LnpU4E5A==
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MF9NP2JYC7&gtm=45je43p0v9102446020z8898424824za200&_p=1711505417201&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=627790811.1711505417&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711505417&sct=1&seg=0&dl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&dt=ShadowRay%3A%20First%20Known%20Attack%20Campaign%20Targeting%20AI%20Workloads%20Exploited%20In%20The%20Wild&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=509
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MF9NP2JYC7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 02:10:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oligo.security
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloa...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloa...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-worklo...
0
263 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&e_ipv6=AQKnCtmNOtukOAAAAY59rCXm3XJyMT3u-Zb8ZMBC7HtwfqoYXHtLVoK20ZlDv6w1Ew
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D448E19CC24B45849C2FF89BCE8F5448 Ref B: FRAEDGE1117 Ref C: 2024-03-27T02:10:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUmuh2hs/OcVJLsd050A==

Redirect headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E859C4D73D76454DB06AF87AAE5AE83C Ref B: FRAEDGE2016 Ref C: 2024-03-27T02:10:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1711505417468&li_adsId=b38eb8bb-1903-4844-b6e5-ee75ecde21eb&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&e_ipv6=AQKnCtmNOtukOAAAAY59rCXm3XJyMT3u-Zb8ZMBC7HtwfqoYXHtLVoK20ZlDv6w1Ew
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUmuhz7wP6zIRagMCmaA==
v2.js
js-eu1.hsforms.net/forms/embed/ Frame C005
481 KB
153 KB
Script
General
Full URL
https://js-eu1.hsforms.net/forms/embed/v2.js
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
64
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4774/bundles/project-v2.js&cfRay=86abd64b59161b36-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"9485dc4b1fa9efefba4862f8a0581794"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4774/bundles/project-v2.js
date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
9d7EqS.wP16C3hZhn1hsKrzc1cSTV7NB
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
25a1a5fa-041d-4960-8c82-80c7cc64a4d2
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
25a1a5fa-041d-4960-8c82-80c7cc64a4d2
last-modified
Thu, 29 Feb 2024 15:14:22 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRVk9%2BbZQx%2FAYsUhN0EO7KFdIfG6IrV5GVXnuN0bVA6pWiIA2i%2Fcaof3gntlgDW4IrDbALn1mho8mciY%2BN%2B3%2FNSH6bY6lw9UX815Uo5v3syPkYSgfVC9I7wIIA8nnpQ7WMTAQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-87cgv
cf-ray
86abd7db4fb72c04-FRA
x-amz-cf-id
SGoFS60e2-SuMIPhJdG0kYNR2nvDS7AyRxE_o7oWs_1YAtYYAlPapw==
26088573.js
js-eu1.hs-analytics.net/analytics/1711501500000/
66 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1711501500000/26088573.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a153448e5ad1527c9fa2d5cbf69c8ff2144eaa3c9fcfbcb067854a94640c3d41

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
HDNQTK8B8ZJE6B21
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6da52ec3-348c-449a-8fec-aa4e26e17101
x-envoy-upstream-service-time
42
x-amz-id-2
cabqn/7uBeEDtfOKJAts2hc1h/NY7ZVBxpHCNa3+KvLwPdNaEvhHMlQ/4QKZxiluoYLkgSXZVrM=
x-evy-trace-listener
listener_https
x-request-id
6da52ec3-348c-449a-8fec-aa4e26e17101
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 27 Feb 2024 15:34:34 GMT
server
cloudflare
etag
W/"9ad615665ce884da9c114df6aabbc1a1"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-69d6cc4745-kkkrt
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
86abd7db9d841cbf-FRA
expires
Wed, 27 Mar 2024 02:15:17 GMT
banner.js
js-eu1.hs-banner.com/v2/26088573/
70 KB
23 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/26088573/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef85180c9f0d7d99ab5e50ee8031229f5dd9836991944947a529ddc8def7eb3c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
vLdJifXCvih5KubkHWZZuBRSX70E.x3M
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
Z4T8AP01SAT14MTC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b092b0fd-cb61-4122-9a8d-5d9749625851
x-envoy-upstream-service-time
44
x-amz-id-2
62arFeYjt9xC/Ajvm0RGf9AhyNo8AsfLBZqG6Pbh/dabf8dUkQ+A1/9UsQWosvI+w+hzJhAwZ60=
x-evy-trace-listener
listener_https
x-request-id
b092b0fd-cb61-4122-9a8d-5d9749625851
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 25 Mar 2024 21:29:02 GMT
server
cloudflare
etag
W/"0092ea2632400aecf9b7c39abbf2cccb"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://oligosecurity.webflow.io
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-69d6cc4745-kkkrt
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
86abd7db98103a54-FRA
expires
Wed, 27 Mar 2024 02:15:17 GMT
collectedforms.js
js-eu1.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
FRA60-P6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
01b13e04-447c-4443-bac6-6ab0704d91b8
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=86abd7db9c144dc7-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
01b13e04-447c-4443-bac6-6ab0704d91b8
last-modified
Wed, 21 Feb 2024 09:36:07 UTC
server
cloudflare
etag
W/"0892458d49ed5681928e6be69131caa7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-nndz2
cf-ray
86abd7db9c144dc7-FRA
x-amz-cf-id
G-oJHwHzAwlMxLy77t4sBGqrN482mq_OFRsxrKP--ta5FmPEne-GyQ==
x-hs-target-asset
collected-forms-embed-js/static-1.468/bundles/project.js
fb.js
js-eu1.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c017dd8949f210767e79d84da7308acbe5f1070e157277687e2875a81ddfddd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
m2QwHR_yTdskzMN6ujPft62H9.GqHbkx
via
1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
989ea94f-ae6a-4354-9487-18ac383eafe1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.543/bundles/pixels-release.js&cfRay=86abd08cbc5b9f28-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
age
299
x-envoy-upstream-service-time
28
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
989ea94f-ae6a-4354-9487-18ac383eafe1
last-modified
Tue, 26 Mar 2024 13:54:00 UTC
server
cloudflare
etag
W/"cb849cf7bbbd0c8cb1c20e6663f6af68"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
MISS
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-87cgv
cf-ray
86abd7db98922bac-FRA
x-amz-cf-id
Sz94JO_Dgl_lhgTM8lZ98oOm7FxbV1CCbea0Btjp9rYcKeMWgb31sA==
x-hs-target-asset
adsscriptloaderstatic/static-1.543/bundles/pixels-release.js
63ea1c60a717a64c03041370_Runtime%20application%20security%20and%20observability-Oligo%20-%20CTA.json
assets-global.website-files.com/63dbb928e89213590c5bfd53/
443 KB
310 KB
XHR
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63ea1c60a717a64c03041370_Runtime%20application%20security%20and%20observability-Oligo%20-%20CTA.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/js/webflow.adfd53a61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
199edd020f45388dd1a0eb3de4d584b7f1872428fbbf0ae11bdf0ebbc8bdfeb1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Jan 2024 08:54:55 GMT
x-amz-version-id
85LR1kgdUwofcmd9.enrfDdEA6_45k3P
content-encoding
br
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
age
6196523
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 13 Feb 2023 11:17:54 GMT
server
AmazonS3
etag
W/"d5650e85eaefd4e48cccd9b7b311082e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
iXrUftqksDmLmNdjXrBJ0ieQXys5MtjXjHvksgr05YAoLgQQuBBkDQ==
v2.js
js-eu1.hsforms.net/forms/embed/ Frame 54A6
481 KB
153 KB
Script
General
Full URL
https://js-eu1.hsforms.net/forms/embed/v2.js
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
64
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4774/bundles/project-v2.js&cfRay=86abd64b59161b36-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"9485dc4b1fa9efefba4862f8a0581794"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4774/bundles/project-v2.js
date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
9d7EqS.wP16C3hZhn1hsKrzc1cSTV7NB
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
25a1a5fa-041d-4960-8c82-80c7cc64a4d2
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
25a1a5fa-041d-4960-8c82-80c7cc64a4d2
last-modified
Thu, 29 Feb 2024 15:14:22 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1MVEXKInMaJSeY4LvnKIA7bwbqRXsNzGKGhpXZ%2Fj8lzxNDHYKWVBrsMHadGBogmGCx4F4NB5s0XMgr%2FhWqfJ6cIvvM6tmg9Erj%2BQhUdwa%2BLIxc4QWq%2F%2FDp0Ye8gr0IqeXjy1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-87cgv
cf-ray
86abd7db5fc42c04-FRA
x-amz-cf-id
SGoFS60e2-SuMIPhJdG0kYNR2nvDS7AyRxE_o7oWs_1YAtYYAlPapw==
api.min.css
a.omappapi.com/app/js/
10 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
d8ebc2b139b503f1c654388426cb02a34f494509bb62e53fa9844830ecdab65c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
03/27/2024 01:10:04
cdn-pullzone
293267
last-modified
Mon, 25 Mar 2024 18:19:38 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6601c03a-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a81ebad2bb9ad6a1924bc97fb465cc88
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
317569
api.omappapi.com/v2/embed/
5 KB
2 KB
XHR
General
Full URL
https://api.omappapi.com/v2/embed/317569?d=oligo.security
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d1e67a2e894c20271007279f6032603d835c9172f6a3a012e43f3007e438aa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
gzip
via
1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-cache-config
0 0
x-amz-cf-pop
FRA60-P10
x-cache-status
HIT
x-cache
Miss from cloudfront
x-optinmonster-account
336674
x-user-agent
standard--
last-modified
Mon, 25 Mar 2024 13:30:04 GMT
server
cloudflare
etag
W/"e180e7725353ceca7b76e2bbcc091f54"
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
cf-ray
86abd7db9eef1945-FRA
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
mbf0VWqAwzGsEiKBY7SKJK8M-t4HBmOPelDY_CQxDpI2H3ZEmB2LjQ==
expires
Wed, 27 Mar 2024 01:59:18 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
736 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.125 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b5aee0fe-849f-4127-829a-0c8c7611605b
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b5aee0fe-849f-4127-829a-0c8c7611605b
server
cloudflare
x-trace
2B7DDC1865217057D6F49ABA013629ED1598A83742000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-74c94cd679-fvpq4
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
86abd7dbb9ef1db1-FRA
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1aad639db4761313e379313bd160db8383ba569f5ad869320b399168890ba716

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
20 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17dafd72b90f331e2c2b39725103c86e28f248432afe0eca3367a403192f9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64bfd2f19b569cb9b9ad4c9f3183e097378cdc24863c0fb380d4e8dcd702b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
37 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f89b529d3ae32e7ba6175c30c1d04c7df4f4ea67bb7b5ed0f160ca87e00e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc0aaecc5bd879dc1c14c28524bbdc9dd9e3254ee383156709d073b50135ba65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16b27d1adef67c2363ff3b3af1b8439efdf36f57fc30aed6f3f7aaa59edd31d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
43 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
966f96ad4d511b3b134817e612cd8efa16d4ba693dacb7bba5522807d664c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65bd183a8e6b6e87555bb7aad153c7b18c9edb58b4daba4b265345dda21a9c91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8e1a9995baf1e6cf3208860c38185eb6c78cd1a0bbda27c82b01caa1ec9ad1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
49 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b5f6a87cbf95c32bf63d3903a55530a886750b8ca02ad3548604b3cc73da2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame C005
2 KB
852 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ad451e8b28ec1e09590b92eff4648c1c79e5b369608d4331fc62745859a3fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 01:26:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 02:10:17 GMT
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 02:10:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
b44c3efb-49d0-4679-a95c-427a83c09452
x-envoy-upstream-service-time
7
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b44c3efb-49d0-4679-a95c-427a83c09452
Server
cloudflare
X-Trace
2BCEF1FB7B5C6405A8004C89F1B832CF94CF03AA9E000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-58dc5458ff-lwrvs
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
86abd7de0eef696a-FRA
css2
fonts.googleapis.com/ Frame 54A6
2 KB
516 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ad451e8b28ec1e09590b92eff4648c1c79e5b369608d4331fc62745859a3fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 01:22:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 02:10:17 GMT
cf-location
js-eu1.hs-banner.com/v2/
5 B
148 B
Fetch
General
Full URL
https://js-eu1.hs-banner.com/v2/cf-location
Requested by
Host: js-eu1.hs-banner.com
URL: https://js-eu1.hs-banner.com/v2/26088573/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e656dcf10b15e4d5136fffafe93b8206a2c6fe48cec76f9273570ba2c20334

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1500
cf-ray
86abd7dc49852bf2-FRA
content-length
5
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/
116 B
437 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26088573&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
85352bff-656d-4adc-95d6-9045f2c002d2
x-envoy-upstream-service-time
11
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
85352bff-656d-4adc-95d6-9045f2c002d2
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-87cgv
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
86abd7dc4c5a4dc7-FRA
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame C005
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:57:48 GMT
x-content-type-options
nosniff
age
65549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 07:57:48 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 54A6
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 07:57:48 GMT
x-content-type-options
nosniff
age
65549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 07:57:48 GMT
5.ad5ae419.min.js
a.omappapi.com/app/js/
16 KB
6 KB
Script
General
Full URL
https://a.omappapi.com/app/js/5.ad5ae419.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-661
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:21:07 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08f03-418b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8a0006fca331504da96b1efd47104c93
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
json
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
114 B
1 KB
XHR
General
Full URL
https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=26088573
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6db7b2c241104c68064ee3e78c314510984ab6d446e4096acca7d5e7a499522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5ebcb521-92b2-4503-aa7a-958a6e98dde8
content-encoding
br
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5ebcb521-92b2-4503-aa7a-958a6e98dde8
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-77d7fcd6b5-txrv2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TQRGmhPPsPOtT6wP%2Fjn9%2FirYC66dSvr%2BXDcmFtGk%2FOkXUU00xWTDGl8N0UkVr3Z8pkZlDMuTZ7Be39urM8WGh2KwGRKs1GRDqiRPnteyFTS9%2F3%2FZe3frx1BGgsRFydT%2FpYU5DD674hQw4BmNHObaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
86abd7dcab035d4d-FRA
access-control-allow-headers
*
4.9015859b.min.js
a.omappapi.com/app/js/
48 KB
14 KB
Script
General
Full URL
https://a.omappapi.com/app/js/4.9015859b.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
6cb00adb5411166c11f82e48acda1778c7b6783cc5dfccd5d4ed35bc80c17004

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-664
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:21:06 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08f02-c029"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
fbd50f5656c8a3c6495caf75453af890
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
20.41293cba.min.js
a.omappapi.com/app/js/
4 KB
2 KB
Script
General
Full URL
https://a.omappapi.com/app/js/20.41293cba.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
9f4951170f17592fd277fcf1fb466699c0c6b653648f48e75f7b9be459eb68fb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-680
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:02:36 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08aac-1062"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
c28caebc9495888985d014ae497074a1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
19.b4e5b44b.min.js
a.omappapi.com/app/js/
4 KB
3 KB
Script
General
Full URL
https://a.omappapi.com/app/js/19.b4e5b44b.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
753fb193306c662fa5918a839c29e6ac2aa6f6bc9067897914f7f88cb0b7b13a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1079
perma-cache
HIT
cdn-storageserver
DE-664
cdn-cachedat
03/26/2024 20:58:49
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:02:36 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08aac-10b0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
9c4a68283748355c2d15be597bb98be6
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
27.3a0276ec.min.js
a.omappapi.com/app/js/
6 KB
3 KB
Script
General
Full URL
https://a.omappapi.com/app/js/27.3a0276ec.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
4bfd05317af198eeff0e0ba17139ce5a30b4b4a7cdc078f4aa9d5f86ed297ff5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-1973"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
6833c3edae1c9df139196e79d25e0fec
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
32.b9065693.min.js
a.omappapi.com/app/js/
11 KB
5 KB
Script
General
Full URL
https://a.omappapi.com/app/js/32.b9065693.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:33 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f25-2c41"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b68088c4cf708c576ee6f1cc82fd3998
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
10.d6ea746c.min.js
a.omappapi.com/app/js/
33 KB
10 KB
Script
General
Full URL
https://a.omappapi.com/app/js/10.d6ea746c.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
dd46cd5b40060d4af54ab1826b49823e50e5765743b99854f649cd3328df54fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-8515"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5613241f7cdd60eec17f82bdd79e4c5f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.3271ac0a.min.js
a.omappapi.com/app/js/
7 KB
3 KB
Script
General
Full URL
https://a.omappapi.com/app/js/0.3271ac0a.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7ce730c88c3e9b94213f122d60df45837854975bb99a738f5a1c6890dd897fa5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-661
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-1d49"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a51eaef63208407e77807944048f6405
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
9.09463684.min.js
a.omappapi.com/app/js/
2 KB
2 KB
Script
General
Full URL
https://a.omappapi.com/app/js/9.09463684.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
85ac85413190c43521f591c1a6396da00ca53691e1f5efa474b98eb19355864e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1079
perma-cache
HIT
cdn-storageserver
DE-663
cdn-cachedat
03/26/2024 20:58:49
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-879"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
f5193c3e2436d9bdc75239f1b7751896
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
11.f24aae20.min.js
a.omappapi.com/app/js/
3 KB
2 KB
Script
General
Full URL
https://a.omappapi.com/app/js/11.f24aae20.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
a8e8b78aa3a03c4da90595ae6701a7354f96b39eb7c2bfe8d48eea3c598a900e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-383
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:02:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08aab-a40"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5774b98faf31f0cef04bd1f004dd171c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
28.b1a68bf1.min.js
a.omappapi.com/app/js/
3 KB
2 KB
Script
General
Full URL
https://a.omappapi.com/app/js/28.b1a68bf1.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7145f523095f6104f82d9dbd26409181378e073eecfa04beec262ae8e99fc02f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-662
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-d7b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8079fb9a68593a683520d051e93f776f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
26.ece538f7.min.js
a.omappapi.com/app/js/
2 KB
1 KB
Script
General
Full URL
https://a.omappapi.com/app/js/26.ece538f7.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
40f5fcdf443b5777b6c40b7bcfb16ffb819fb166c7fb03dc4d3051f298b3a0c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-680
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-6b6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
3c36b5489bb0d24858762af1228e9963
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
16.f8b2cea4.min.js
a.omappapi.com/app/js/
1 KB
1 KB
Script
General
Full URL
https://a.omappapi.com/app/js/16.f8b2cea4.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
a6117ff5cc0820717586d0f2ca8695cad42bf4194bcd64bcfb089c868dd9f292

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-663
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:10:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08c8b-51f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
fc7f6bbd99d57319fe2f005630fa19a7
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1.16e17b47.min.js
a.omappapi.com/app/js/
11 KB
3 KB
Script
General
Full URL
https://a.omappapi.com/app/js/1.16e17b47.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
9f9699a065e971f34cfbdb96432b0d18a75bfe1d10f5cdfa4200ed71a83477fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-383
cdn-cachedat
03/26/2024 18:02:41
cdn-pullzone
293267
last-modified
Mon, 25 Mar 2024 18:19:29 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6601c031-2b7e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
eea7c7680afd4c727ab0b30acad43998
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
21.40afa0f2.min.js
a.omappapi.com/app/js/
2 KB
2 KB
Script
General
Full URL
https://a.omappapi.com/app/js/21.40afa0f2.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
dc5d4b967ffff9726af04edc42a6fd8c0d270e5d3cf4585ce67ddb2e63848935

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
cdn-edgestorageid
1079
perma-cache
HIT
cdn-storageserver
DE-661
cdn-cachedat
03/26/2024 20:58:49
cdn-pullzone
293267
last-modified
Tue, 12 Mar 2024 17:02:36 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65f08aac-81f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
29b9ab532b90115cc0409d577b5ea066
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bundle.production.js
static.hsappstatic.net/head-dlb/static-1.567/ Frame B95D
44 KB
16 KB
Script
General
Full URL
https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a127f13bbe8131ad9efe7a425105a7c3e47091c23a2d9e5e39561b546d1846c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
oZfyuuPXd.zblRFhOQDrZ02k.4GQ4r0D
via
1.1 1a425d1c4a67bd62cbf8d7a0405627da.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
TLV50-C2
age
151453
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 06 Mar 2024 18:13:42 GMT
server
cloudflare
etag
W/"ac4470564033e2ef9684aeeb24c73dc5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
86abd7dd19ed1909-FRA
x-amz-cf-id
hx1DTk24Rzuu2XgAxGGYN_g3BtkBaC__uutwoAaeTuMDGV-zdTEXhg==
expires
Thu, 27 Mar 2025 02:10:17 GMT
configure-monitoring-eu1.js
static.hsappstatic.net/MeetingsPublic/static-1.40200/html/ Frame B95D
535 B
762 B
Script
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/html/configure-monitoring-eu1.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d12916104992a4cff8788f3595ae80a08d96017f8025d9c148d24d542954d55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
XZNcAiU4cW1YLyd0jCH0gxROKx3ZWVqI
via
1.1 3795f016a55ba5101e4bd9359c7bc306.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
TLV50-C2
age
151452
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 18 Mar 2024 19:53:39 GMT
server
cloudflare
etag
W/"9497b8de03d7f70a8a19247858b9ec05"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
86abd7dd29f11909-FRA
x-amz-cf-id
fu90bmdDEyUUnzRs0Y-mrum2lAKphNFWvulbQOSZrU8N7UmriR-w3g==
expires
Thu, 27 Mar 2025 02:10:17 GMT
book-info-early-requester.js
static.hsappstatic.net/MeetingsPublic/static-1.40200/html/ Frame B95D
3 KB
2 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/html/book-info-early-requester.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed82e64580bca014764019da1c773c23bfa503308446575d207c55302eb281b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
O.qUGOth7F.ogc_UCu6xnt6ntALlVTRP
via
1.1 2438c7952a70ed73eaebfbf78bd1000c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
TLV50-C2
age
151452
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 18 Mar 2024 19:53:39 GMT
server
cloudflare
etag
W/"d773f63bcbb21de2a87a33b3a2f2f8f6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
86abd7dd19ef1909-FRA
x-amz-cf-id
nKO7crT6KJtZEL0YYD_3PDFQh5gt-hbzCsuT4IzTt5T1VDMo3MdtSg==
expires
Thu, 27 Mar 2025 02:10:17 GMT
project_with_deps.css
static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/ Frame B95D
184 KB
25 KB
Stylesheet
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc9cc04731262e4bda5caffc17015a178358d9d2a41328f4861fc2d5bbfd7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
yXDjIPkuu5xp_vswBl402YqLUU1X_otv
via
1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
713631
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 18 Mar 2024 19:53:39 GMT
server
cloudflare
etag
W/"d081a2b60eac3a35f953e3ad5d62926b"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
86abd7dd09ee3815-FRA
x-amz-cf-id
Yhom3PLjgyxdKAUfOHKq11FcpfIzRHmQi-Drh1n9s26On3tIBDJsCg==
expires
Thu, 27 Mar 2025 02:10:17 GMT
bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.555/ Frame B95D
300 KB
95 KB
Script
General
Full URL
https://static.hsappstatic.net/hubspot-dlb/static-1.555/bundle.production.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82716c51634b1124c81d4ffdb8af2e50f836f761ea3ebf3cc646e501ad60a5bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
8xriyagn9J.GvZFSllHXNZvgWmyoNDAl
via
1.1 b12493f4f82b360a236f87474564427a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
TLV50-C2
age
151453
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Mar 2024 22:28:08 GMT
server
cloudflare
etag
W/"70430413a05cded02f21c1046fb41211"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
86abd7dd29f41909-FRA
x-amz-cf-id
HCvWzl6IzmUhWvzFP3bJsZHf5v4lLgzVvNaW7ww3P6aH9DbOix_A5g==
expires
Thu, 27 Mar 2025 02:10:17 GMT
project.js
static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/ Frame B95D
1 MB
344 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a191f56e672108bffbf29badb1347dafba701ef6cca9f9f4556883dfc9f37add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
AMhXLkGYIt39euok_aDY.UZ0e89_QRX1
via
1.1 5b23e906a0b30aeeaaccd141aadaa56c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
CDG52-P2
age
709807
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 18 Mar 2024 19:53:39 GMT
server
cloudflare
etag
W/"1f4b814cba0b6a75bc2b8222a0aa8508"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sy5r%2BkovVxe7uo9frIWZS8JnTKWsXtdkPdPvt7DD9TVOOicodgWTkzzOx8Px7ZLPV0LawHEkQ2ge%2FnATh2OnPyqj47qzcryG49kHlp6naH2f5Rdrb3ufxkTS6c%2BbyRFjsjF%2BcFsPRPtutQQf7CF3XHEVyog%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
86abd7dd29f21909-FRA
x-amz-cf-id
UkBjco_DsAlRz4q-03c9a2t03fY2w_VBYP-q4FVejaE5bkt64VXvFg==
expires
Thu, 27 Mar 2025 02:10:17 GMT
book
api-eu1.hubspot.com/meetings-public/v3/ Frame B95D
16 KB
4 KB
XHR
General
Full URL
https://api-eu1.hubspot.com/meetings-public/v3/book?slug=mktg%2Fshadowray&now=1711505417804&includeInactiveLink=true&location=go.oligo.security&hubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&timezone=Europe%2FBerlin&parentCosPageUrl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&hs_static_app=MeetingsPublic&hs_static_app_version=1.40200&clienttimeout=12000
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab3c56e3cda0655da4480413452168532f99b5ae56feb77271b3c4cbe6b5736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
af70ef16-881b-4072-b889-71fb4321b27b
content-encoding
br
x-envoy-upstream-service-time
383
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
af70ef16-881b-4072-b889-71fb4321b27b
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uerTsH2W16DFeO%2B3BVxSn85vuJ3hyhTblKNBR8FIEAkfBa8Gz1ZG7X11ZDj9fGabAv08dMPWZSVdcIbIKo7NFoeRFkW7FOY6ui5LOXuY8iFkw9uW0sjFQghlzdIBd6jkpT6rJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-77d7fcd6b5-qshqw
access-control-allow-credentials
false
cf-ray
86abd7dd9d229b39-FRA
access-control-allow-headers
Content-Type, X-HubSpot-Static-App-Info
spacesword-low.woff2
static.hsappstatic.net/icons/static-2.562/fonts/ Frame B95D
49 KB
49 KB
Font
General
Full URL
https://static.hsappstatic.net/icons/static-2.562/fonts/spacesword-low.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d141278079290804718e929392137f7fbbdfe350394babf5322c75a63b688f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
9QgKYmhCfF652qqA79lcyJSEaRjNRWE1
via
1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
55997
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
50036
last-modified
Wed, 14 Feb 2024 15:35:03 GMT
server
cloudflare
etag
"ae0299894be58b03118e0fb449b0b19b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cA4yXKrEevezTdRqnhwwL5KWmmaJnnM%2FYLgw3N6pjGCsnAJNvtyo41dHh4MiD9GqA7FLPDu04jYpJ8kKnbxINDdw4wFtQXw69DTF6kfOXVOGMcDC1A0impAUcyzlA3ivvOFmnVn2GTAmKTez7hwPceVkphM%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86abd7de1ae31909-FRA
x-amz-cf-id
LzFPm3Z6A8nDwo2sPFTBndWlqfx54GlMS7AxvML88vu81YeDUf0nFg==
expires
Thu, 27 Mar 2025 02:10:17 GMT
LexendDeca-Light.woff2
static.hsappstatic.net/ui-fonts/static-1.313/fonts/ Frame B95D
28 KB
29 KB
Font
General
Full URL
https://static.hsappstatic.net/ui-fonts/static-1.313/fonts/LexendDeca-Light.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07659d8ab7dcada320134e744176947ca18e9e1cd094081764c1d0cd9af1b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
x-amz-version-id
VT9NMQZ.WLVdHnmNmGrfPDraY5XKg.Tr
via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
55997
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
29088
last-modified
Tue, 02 Jan 2024 19:22:20 GMT
server
cloudflare
etag
"f4369286388c3db9746601597e9ddb27"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkmD0jF0lMa45hIlruu5PovaH6WCJEEQSATe5HgUClG2NDRfWKdjpQo%2Fz0aUWFoXPiEX1R5Df5nVEFGjhN1Tt%2F1a6WMWHgsl82tCvqB9gZdwxgUXcIo3mOwowyy%2FtamYCdnHFXUtP6XZDRyKNk0ZtJNiHi0%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86abd7de1ae51909-FRA
x-amz-cf-id
sc-Fv-CEB1CXxkDSq2rUWR9OGMaCqZIL5g6aaduZGvWOfRjJ9x_pyw==
expires
Thu, 27 Mar 2025 02:10:17 GMT
json
pro.ip-api.com/
303 B
459 B
Fetch
General
Full URL
https://pro.ip-api.com/json?key=zPwv6i0dpmS2yR5
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQOQRJHZP062/reb2b.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
6c436859befe14c6f35b356fd6a820d065a7fcb59d6c042789c4d1e833c37971

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Mar 2024 02:10:17 GMT
Content-Length
303
Content-Type
application/json; charset=utf-8
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame B95D
49 KB
19 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding
br
via
1.1 varnish
date
Wed, 27 Mar 2024 02:10:17 GMT
strict-transport-security
max-age=300
x-amz-request-id
TY9JRGV4PP0WZF1F
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
19141
x-amz-id-2
hEx4r1hU0Wtc9uyNqrGzlfmOtUja5/eGieVcA+fwEhwWqw6lxZH8PA35IqgTThXsiATCjwG/mzc=
x-served-by
cache-fra-etou8220145-FRA
last-modified
Wed, 18 Oct 2023 21:31:16 GMT
server
AmazonS3
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
3442
zi-tag.js
js.zi-scripts.com/
8 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8204005ed25e30f3ee56dbad3afa3c011e12636e75decf2b1aaf22a1c326dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-amz-version-id
jWuK40m0MUEUayB9sycJH0u7f85X3F2r
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
2630
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Mar 2024 07:02:18 GMT
server
cloudflare
etag
W/"2cd903354c7c864dbd543d268219ef1d"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
86abd7de69b35c85-FRA
x-amz-cf-id
F5P_VxiRiOad33gjzvqoPNbaLWZMYv2tX4B6VeOWF81nEWMsfCP1cQ==
blockedDomains.json
hubspotonwebflow.com/assets/js/
98 KB
23 KB
Fetch
General
Full URL
https://hubspotonwebflow.com/assets/js/blockedDomains.json
Requested by
Host: hubspotonwebflow.com
URL: https://hubspotonwebflow.com/assets/js/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:17 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::rvccg-1711505417967-096bd0177948
age
480584
x-matched-path
/assets/js/blockedDomains.json
etag
W/"04708d47dd194d37b8231a65de7a66f1"
x-vercel-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="blockedDomains.json"
__ptq.gif
track-eu1.hubspot.com/
45 B
746 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2141725003&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&t=ShadowRay%3A+First+Known+Attack+Campaign+Targeting+AI+Workloads+Exploited+In+The+Wild&cts=1711505417963&vi=51a5651d47027800ab1dbb0e123bd5e2&nc=true&u=263486035.51a5651d47027800ab1dbb0e123bd5e2.1711505417962.1711505417962.1711505417962.1&b=263486035.1.1711505417962&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7edf0c9e-5180-4176-9492-594545a78c84
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7edf0c9e-5180-4176-9492-594545a78c84
last-modified
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oD%2FWBwbepW1pAW8dp0nAy3%2FK1MZz42zLqXtEE7R%2B2zhjuoQ1y573dSGLl6lO4rksGR7GFk32QpuXiWWyycuUTbn6vIw9EwSHjDbZGC0RlNrWHyK57Usvcs6yLc8jpbfI0lyCFAMVyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66c768894f-clzf6
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
86abd7de980c2baa-FRA
x-robots-tag
none
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=124733a1-1952-419d-808a-0ff59ea44829&fci=a2b9ce2a-03f5-4a20-a597-392eee2bdada&ft=0&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2141725003&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&t=ShadowRay%3A+First+Known+Attack+Campaign+Targeting+AI+Workloads+Exploited+In+The+Wild&cts=1711505417964&vi=51a5651d47027800ab1dbb0e123bd5e2&nc=true&u=263486035.51a5651d47027800ab1dbb0e123bd5e2.1711505417962.1711505417962.1711505417962.1&b=263486035.1.1711505417962&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
49aec7a2-b2a4-4157-9720-79dd15b5914e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
49aec7a2-b2a4-4157-9720-79dd15b5914e
last-modified
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mP3UmvUqCipjX5PRom6p4S9FZBC1iVdy88KuVOPWXzuPOM9DrbJpT1zfaPP5WHZdwP%2FLwKcPLn9YU%2Fmaao9uuyN2i1OIulSZHPJRE62UY%2FJMeD0y78oeMrdvbpQ2xuO6eqJ1aW9J2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66c768894f-v8t5b
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
86abd7de980e2baa-FRA
x-robots-tag
none
__ptq.gif
track-eu1.hubspot.com/
45 B
747 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=124733a1-1952-419d-808a-0ff59ea44829&fci=8530a484-b24b-4091-aa8a-e2d2600f60b9&ft=0&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2141725003&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&t=ShadowRay%3A+First+Known+Attack+Campaign+Targeting+AI+Workloads+Exploited+In+The+Wild&cts=1711505417968&vi=51a5651d47027800ab1dbb0e123bd5e2&nc=true&u=263486035.51a5651d47027800ab1dbb0e123bd5e2.1711505417962.1711505417962.1711505417962.1&b=263486035.1.1711505417962&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
28ed0fb9-91c1-46f3-bac2-217bef32a325
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
28ed0fb9-91c1-46f3-bac2-217bef32a325
last-modified
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zj2ueBzH5%2BpiLGCrWoNOBhUSQNSy0EiF7dwdynn%2FAmslIMMbMAZF5o9ZHno0Riwf0NLiXc08NRL6dnBYYQ2fbqV%2BvsJKIPOrwNYk5FjJ%2BuHKlWXVR6PmqWkA7Uhk76DXROgUnPvkYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66c768894f-zmgh9
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
86abd7de980b2baa-FRA
x-robots-tag
none
63dc074f6af3bb5b1e2372d5_oligo%20fav.png
assets-global.website-files.com/63dbb928e89213590c5bfd53/
2 KB
2 KB
Other
General
Full URL
https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63dc074f6af3bb5b1e2372d5_oligo%20fav.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a631b98851a92a2e0ffc0fa9961da6bbfece0f39859eb5b277d480d00ad91213

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Jan 2024 12:24:34 GMT
x-amz-version-id
HYzzYXk1pypj2EJwX_bz3I5N9QJx1TVy
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age
6183943
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1773
last-modified
Thu, 02 Feb 2023 18:56:16 GMT
server
AmazonS3
etag
"09dfdb41113621bb613ae22cfd1cb31d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
wTAtniy4262g65uJJnJeBga_tf1_QUcukpTbvX-uV_UsFQSE12WTyg==
f9d051f404
bam-cell.nr-data.net/1/ Frame B95D
56 B
556 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=709&ck=1&ref=https://go.oligo.security/meetings/mktg/shadowray&be=530&fe=681&dc=660&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1711505417276,%22n%22:0,%22f%22:1,%22dn%22:354,%22dne%22:354,%22c%22:354,%22s%22:361,%22ce%22:374,%22rq%22:374,%22rp%22:478,%22rpe%22:481,%22dl%22:481,%22di%22:660,%22ds%22:660,%22de%22:661,%22dc%22:681,%22l%22:681,%22le%22:682%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:false,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22package%22:%22MeetingsPublic%22,%22packageVersion%22:%221.40200%22,%22template%22:%22public-eu1.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22scriptStartTime%22:527.3999996185303,%22appStartTime%22:612.7999992370605,%22i18nTime%22:616.7000007629395,%22i18nLangLocale%22:%22en-us%22,%22i18nDateNumFormat%22:%22en-us%22,%22isNewI18nLoader%22:true,%22bookInfoFetchPreRender%22:false,%22meetingsLibVersion%22:%22static-2.37583%22,%22reactRhumbVersion%22:%221.10496%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22%7D&jsonp=NREUM.setToken
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
978cb457b9642722b602ab2f8442966b720f56959197ed53553128b628876c99

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
*
Content-Length
56
x-served-by
cache-fra-etou8220121-FRA
getSubscriptions
js.zi-scripts.com/unified/v1/master/
146 B
517 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0cff6e242e5d9470b1a6a494ebe7b3c0330409d6e6ad26c55b7b0b58ba310b24

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer 6e8d2b53411682427948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.oligo.security/
visited_url
https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P4
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
apigw-requestid
VRDxsiblvHcEMzg=
server
cloudflare
etag
W/"92-eASVYKNRtQzlzwc3gF3fOZ9opEk"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
86abd7e17f9735f4-FRA
x-amz-cf-id
3b45xiHLZNhyZ200wkspYY7QVCxsajJOrkgpTtVBjwINiZ66VPVNIg==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.oligo.security
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
apigw-requestid
VRDxqimmPHcEM0w=
cf-cache-status
DYNAMIC
cf-ray
86abd7debd4b35f4-FRA
date
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-id
a1N9mv-N1Rf1GaRGgsdwcXKLetMhSySJmAwAEFspBp26OnBVx4eiWQ==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-powered-by
Express
user
api-eu1.hubspot.com/meetings-public/v1/book/ Frame B95D
216 B
824 B
XHR
General
Full URL
https://api-eu1.hubspot.com/meetings-public/v1/book/user?hs_static_app=MeetingsPublic&hs_static_app_version=1.40200&includeInactiveLink=true&slug=mktg%2Fshadowray
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52718b3f073ab2b34a8205c4df3963c4a0e7a43789db9db8408b15e5b4bd1bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
77c1242e-a7bd-4c68-ada5-6098cff0820b
content-encoding
br
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
77c1242e-a7bd-4c68-ada5-6098cff0820b
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwV1HW6HF%2BWgN%2BRUabGDudKmukKDMqeOrubHJUL52EqEFDbPZvx4BJraSkm5gRhSMa7AaC193GJ0qXcm08i0xE7EXxVZ2a9%2BNwkuBNb%2BmOR26cOQqzO9wWqJF%2BjsXllFb%2BpyGDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-77d7fcd6b5-qshqw
access-control-allow-credentials
false
cf-ray
86abd7e04e0b9b39-FRA
access-control-allow-headers
Content-Type, X-HubSpot-Static-App-Info
26088573.js
js-eu1.hs-scripts.com/ Frame B95D
Redirect Chain
  • https://js.hs-scripts.com/26088573.js?analyticsCommon=true&disableCollectedForms=true
  • https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
2 KB
726 B
Script
General
Full URL
https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
Protocol
H2
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88e48e2b0cc840f218ab25915d55bfb4ae70db7c6fa48a40561e81d2e5afae66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
c3fe482b-b8ff-4f50-9756-6dc1f5fbb8a1
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=2026
age
3633
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c3fe482b-b8ff-4f50-9756-6dc1f5fbb8a1
cf-bgj
minify
last-modified
Wed, 27 Mar 2024 01:09:45 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-77d7fcd6b5-8hcwm
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
86abd7e18bdf71d0-FRA

Redirect headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d0be0450-fd94-48d1-bcb1-40a449353ef7
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d0be0450-fd94-48d1-bcb1-40a449353ef7
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
location
https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5cb9c9b4fd-dr2sw
cache-control
public, max-age=90
cf-ray
86abd7e0d8b31ac5-FRA
expires
Wed, 27 Mar 2024 02:11:48 GMT
LexendDeca-Medium.woff2
static.hsappstatic.net/ui-fonts/static-1.313/fonts/ Frame B95D
29 KB
30 KB
Font
General
Full URL
https://static.hsappstatic.net/ui-fonts/static-1.313/fonts/LexendDeca-Medium.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e859a343b92d20c6a2fa4424bbdf166ea01d0f479d719823d68872d68103cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-amz-version-id
NWnch3Rw_siwQPcZvLi0H9AiiMXlVy6i
via
1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
55997
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
29452
last-modified
Tue, 02 Jan 2024 19:22:20 GMT
server
cloudflare
etag
"b8a544816ba2b3956f03a168d5001e5f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJXYjt8yTuGdtRo%2F%2BIosYRkOh2G2jzQVHpI3ng8PySXgYvDmGHIaxQlmFG6JkW5bEe7WlpuMuKnSSlSU4uvmFk39v760pVA1QYuV0lrcYjFSvlXrrllpevpOq8rGHcm%2BKfTXyCErSnhqe%2FGr5zXOlXcByck%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86abd7e0bd931909-FRA
x-amz-cf-id
MkMlPWyRTXcD9RnVz-UmWntAoWLAGe3ov4n9i6w7SAPXpk6udwRfBw==
expires
Thu, 27 Mar 2025 02:10:18 GMT
LexendDeca-SemiBold.woff2
static.hsappstatic.net/ui-fonts/static-1.313/fonts/ Frame B95D
29 KB
29 KB
Font
General
Full URL
https://static.hsappstatic.net/ui-fonts/static-1.313/fonts/LexendDeca-SemiBold.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c036584fd4b67f626534b37eef7a19ecf8954e478e78d0329248f2286126e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-amz-version-id
DfD0Fq3iAmM_hV0Eyr2sbRnru.XscRxb
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
55997
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
29604
last-modified
Tue, 02 Jan 2024 19:22:20 GMT
server
cloudflare
etag
"1a6b3ef841e99bc026b66072be732cbb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUkOwuTxggEdEnbYPWjSEZb%2BmUXdPw%2FQDd0aUnAtlbT%2FLiH6WDiWD2k2rlL%2BG1y0o1XEKpy8Sy93t4gJL%2B1UyzGvuUm1FJUfiShRA8VgLfdeQYBhLfbmgxafmTSKBB8csHHmieMZ1HbZG9JnZDKq87kcqF8%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86abd7e0bd941909-FRA
x-amz-cf-id
MJ_EnvePQRwb7_25YKxUhnwx3QrCAGq_fmliZUUQt1D_QfXQoeYmAQ==
expires
Thu, 27 Mar 2025 02:10:18 GMT
rhumb
app.hubspot.com/api/cartographer/v1/ Frame B95D
0
1 KB
Ping
General
Full URL
https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=MeetingsPublic&hs_static_app_version=1.40200
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.40200/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Mar 2024 02:10:18 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1f9b30cb-3a89-48fe-b93c-a41baa61fbfd
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1f9b30cb-3a89-48fe-b93c-a41baa61fbfd
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7WkVJ2jfUyjqwmMdUykqnAt9Ql4lRsVRVF0f%2F44hTBIIyoN5Nk%2B1EqxYwltwHzSgG%2FqsMsU%2Ft1AUNRU3KgstcIoIALWkbkSQYxFDwP71U1wZ1uSEsqQKsetBLqQqwburuo9mTkjcD2Fy7VOsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5cb9c9b4fd-66vwj
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
86abd7e0fe0565ac-FRA
Group%2062468533-1.png
26088573.fs1.hubspotusercontent-eu1.net/hubfs/26088573/ Frame B95D
52 KB
53 KB
Image
General
Full URL
https://26088573.fs1.hubspotusercontent-eu1.net/hubfs/26088573/Group%2062468533-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985e61deda594c7d9cc6298db36f37140a83a8b3989fddee62a36c50bb881b7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-cache-tag
F-80156383970,P-26088573,FLS-ALL
age
151452
x-amz-request-id
C5A6DCWRHFHC8NQH
x-amz-server-side-encryption
AES256
edge-cache-tag
F-80156383970,P-26088573,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Group%2062468533-1.webp"
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
cf-bgj
imgq:85,h2pri
etag
"642d21eeb0463e0ff8fa9d22b8e5d623"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1695294412410
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
date
Wed, 27 Mar 2024 02:10:18 GMT
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
6JIWfyUuijqDorCmA6COSvbapfPgRNlZ
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=104475
x-cache
RefreshHit from cloudfront
cache-tag
F-80156383970,P-26088573,FLS-ALL
x-amz-meta-index-tag
none
x-amz-storage-class
INTELLIGENT_TIERING
content-length
53100
x-amz-id-2
LipIfyjz6d7e1mylvkCEhgM+oCVoZlDLNMav3BjULImIuzv3/vf2KZH6xRGVh3BxLn7GUUBxZqc=
last-modified
Thu, 21 Sep 2023 11:06:53 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
86abd7e1096bbb5f-FRA
x-amz-cf-id
h6nmbNKYR91pKHTXxSPVuAwUWnoYBh0f_RR3T2kMhLS2DckhYRXEAw==
f9d051f404
bam-cell.nr-data.net/ins/1/ Frame B95D
0
275 B
XHR
General
Full URL
https://bam-cell.nr-data.net/ins/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1184&ck=1&ref=https://go.oligo.security/meetings/mktg/shadowray
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.oligo.security
date
Wed, 27 Mar 2024 02:10:18 GMT
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
x-served-by
cache-fra-etou8220121-FRA
f9d051f404
bam-cell.nr-data.net/events/1/ Frame B95D
24 B
344 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1186&ck=1&ref=https://go.oligo.security/meetings/mktg/shadowray
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://go.oligo.security
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-etou8220040-FRA
common.js
js-eu1.hs-analytics.net/analytics/1711501500000/ Frame B95D
66 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1711501500000/common.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cab8fc612e5cd703e1639a337731a44f16e2af5a0a88f3b0a8c8e21e35f78b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
9C0FTJ1N3WHETRNR
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
cad1936c-6e24-467c-8539-78513a26c316
x-envoy-upstream-service-time
21
x-amz-id-2
dY41R+61K0XeNfUR+WPnLCWQUmRmrpPNrZbJels0ikCu1O63WZ3ebCt5WxMlcAPNXuR0UbrKkn8=
x-evy-trace-listener
listener_https
x-request-id
cad1936c-6e24-467c-8539-78513a26c316
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 27 Feb 2024 15:24:31 GMT
server
cloudflare
etag
W/"abeeec836b80b6293ef1d5a3aeaa67d6"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-69d6cc4745-dp6mn
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
86abd7e1b8871cbf-FRA
expires
Wed, 27 Mar 2024 02:15:18 GMT
banner.js
js-eu1.hs-banner.com/v2/26088573/ Frame B95D
70 KB
22 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/26088573/banner.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef85180c9f0d7d99ab5e50ee8031229f5dd9836991944947a529ddc8def7eb3c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-amz-version-id
vLdJifXCvih5KubkHWZZuBRSX70E.x3M
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
Z4T8AP01SAT14MTC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b092b0fd-cb61-4122-9a8d-5d9749625851
age
1
x-envoy-upstream-service-time
44
x-amz-id-2
62arFeYjt9xC/Ajvm0RGf9AhyNo8AsfLBZqG6Pbh/dabf8dUkQ+A1/9UsQWosvI+w+hzJhAwZ60=
x-evy-trace-listener
listener_https
x-request-id
b092b0fd-cb61-4122-9a8d-5d9749625851
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 25 Mar 2024 21:29:02 GMT
server
cloudflare
etag
W/"0092ea2632400aecf9b7c39abbf2cccb"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://oligosecurity.webflow.io
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-69d6cc4745-kkkrt
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
86abd7e1bbe33a54-FRA
expires
Wed, 27 Mar 2024 02:15:17 GMT
collectedforms.js
js-eu1.hscollectedforms.net/ Frame B95D
69 KB
24 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-amz-version-id
VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
FRA60-P6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
72d824d6-71e7-4a8b-8f5d-f8d9de163926
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=86abd7e1bf544dc7-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
72d824d6-71e7-4a8b-8f5d-f8d9de163926
last-modified
Wed, 21 Feb 2024 09:36:07 UTC
server
cloudflare
etag
W/"0892458d49ed5681928e6be69131caa7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-fs9gp
cf-ray
86abd7e1bf544dc7-FRA
x-amz-cf-id
G-oJHwHzAwlMxLy77t4sBGqrN482mq_OFRsxrKP--ta5FmPEne-GyQ==
x-hs-target-asset
collected-forms-embed-js/static-1.468/bundles/project.js
fb.js
js-eu1.hsadspixel.net/ Frame B95D
6 KB
3 KB
Script
General
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=51a5651d47027800ab1dbb0e123bd5e2&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c017dd8949f210767e79d84da7308acbe5f1070e157277687e2875a81ddfddd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
x-amz-version-id
m2QwHR_yTdskzMN6ujPft62H9.GqHbkx
via
1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
989ea94f-ae6a-4354-9487-18ac383eafe1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.543/bundles/pixels-release.js&cfRay=86abd08cbc5b9f28-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
age
300
x-envoy-upstream-service-time
28
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
989ea94f-ae6a-4354-9487-18ac383eafe1
last-modified
Tue, 26 Mar 2024 13:54:00 UTC
server
cloudflare
etag
W/"cb849cf7bbbd0c8cb1c20e6663f6af68"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
MISS
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-87cgv
cf-ray
86abd7e1bc032bac-FRA
x-amz-cf-id
Sz94JO_Dgl_lhgTM8lZ98oOm7FxbV1CCbea0Btjp9rYcKeMWgb31sA==
x-hs-target-asset
adsscriptloaderstatic/static-1.543/bundles/pixels-release.js
cf-location
js-eu1.hs-banner.com/v2/ Frame B95D
5 B
81 B
Fetch
General
Full URL
https://js-eu1.hs-banner.com/v2/cf-location
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e656dcf10b15e4d5136fffafe93b8206a2c6fe48cec76f9273570ba2c20334

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1500
cf-ray
86abd7e1dbae2bf2-FRA
content-length
5
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ Frame B95D
116 B
244 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26088573&utk=51a5651d47027800ab1dbb0e123bd5e2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.567/bundle.production.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0649f822-4790-4672-8c05-5f5f95882ec3
x-envoy-upstream-service-time
11
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0649f822-4790-4672-8c05-5f5f95882ec3
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-6d56df675c-fs9gp
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
86abd7e1ef6c4dc7-FRA
__ptq.gif
track-eu1.hubspot.com/ Frame B95D
45 B
878 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=d4bc4325-60b6-4c84-b0ed-037e7861163e&ft=5&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2141725003&v=1.1&a=26088573&ccu=https%3A%2F%2Fgo.oligo.security%2Fmeetings%2Fmktg%2Fshadowray&r=https%3A%2F%2Fwww.oligo.security%2F&pu=https%3A%2F%2Fgo.oligo.security%2Fmeetings%2Fmktg%2Fshadowray%3Fembed%3Dtrue%26parentHubspotUtk%3D51a5651d47027800ab1dbb0e123bd5e2%26parentPageUrl%3Dhttps%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&cts=1711505418552&vi=51a5651d47027800ab1dbb0e123bd5e2&nc=false&u=263486035.51a5651d47027800ab1dbb0e123bd5e2.1711505417962.1711505417962.1711505417962.1&b=263486035.1.1711505417962&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1c138a98-a25b-44bd-b073-ded953814ff3
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1c138a98-a25b-44bd-b073-ded953814ff3
last-modified
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2F%2FSRbAwxNPEMxG%2BVeoKpvqDkLicQ9smOMocxrvIi97UEAkZQjm7UKrufRWfgYzNFU3amUz0Dsplvt6r7zZLL%2Fc3GyvMQJIKbRbrHK0pAqSLlsaVk47ttwwAFwxwcOJxrmwqrECyiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66c768894f-vzcfg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
86abd7e1f9ad2baa-FRA
x-robots-tag
none
/
ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/
3 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
89e67acc32a5dba532edf53494069595219de10441c853f12163b4cc23b761cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/javascript
visited-url
https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Referer
https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
_vtok
ODEuOTUuNS4zNg==
_zitok
9bbd5b84b5679cb512271711505418
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 02:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.oligo.security
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
86abd7e3ae569759-FRA
/
ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.oligo.security
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://www.oligo.security
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86abd7e29ff635f9-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 27 Mar 2024 02:10:18 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow


59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onpagereveal object| dataLayer object| fsAttributes object| FsAttributes object| Webflow object| MeetingsEmbedCode object| _hsp string| __hsUserToken object| hbspt object| hljs object| google_tag_manager object| google_tag_data object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| zi string| ZIProjectKey object| reb2b object| hubspot object| HubSpotForms object| hsFormsOnReady function| $ function| jQuery function| tram object| injectedOptions object| COOKIES_ALLOWED undefined| preferenceSet object| WebflowTools function| lintrk object| ORIBILI function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om336674_317569 object| _omq function| omq object| _hsq boolean| PIXELS_RAN object| enabledEventSettings object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| omjefwqq3gbygfkrtesvbc function| B2BRetention object| _reb2b boolean| _hstc_ran number| expireDateTime object| zitag object| ziws

25 Cookies

Domain/Path Name / Value
.oligo.security/ Name: _gcl_au
Value: 1.1.1632303179.1711505417
.oligo.security/ Name: _ga_MF9NP2JYC7
Value: GS1.1.1711505417.1.0.1711505417.0.0.0
.oligo.security/ Name: _ga
Value: GA1.1.627790811.1711505417
www.oligo.security/ Name: _omappvp
Value: cEG1Gi5EDljqJBkKBhVEYbDXkwPEe2FmdH3FR3XgVWw7UFtpogJCQSd8384Jhh7cZ66ovezPO47BuaDTTG2UgkRRHKRh2WnB
www.oligo.security/ Name: _omappvs
Value: 1711505417504
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2780:u=1:x=1:i=1711505417:t=1711591817:v=2:sig=AQE_gtid4BmzOYu18a74kHuTJdZJ8Fwa"
.linkedin.com/ Name: li_sugr
Value: b08f81d7-b3a7-4ee2-bac6-38170f93deab
.linkedin.com/ Name: bcookie
Value: "v=2&41341143-cd29-468c-8976-990270241560"
.go.oligo.security/ Name: __cf_bm
Value: ndjh0.HOH_FektXqurA06c2yvFuEzW5q7Tvfgi3QPjM-1711505417-1.0.1.1-0p04K7gvyX7QlL6i9WHNJJY.FS2rVlh8Ry0b_DlBiZNKJuGVlsZbCt4XskaKWTXZorvspGtxZJmanxpAFHj9og
.go.oligo.security/ Name: __cfruid
Value: faf25bc0f0a61b2d60c9840444e2c6ca2405c244-1711505417
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTE1MDU0MTc7MjswMjGP+CBU6dgB9M97ABfp6px4/5RUaYoPbZ83EPi0qcwQ1w==
www.oligo.security/ Name: _reb2buid
Value: f62a1e15-2824-4398-b88c-7d0ba0e8f537-1711505417939
www.oligo.security/ Name: _reb2bsessionID
Value: Z3x3Pv8dw4GTxewaqbirET3D
.hsforms.com/ Name: _cfuvid
Value: C99Qci0Cg5rRyh5KM2sARYonIOniDPVydkj.WZt1uHc-1711505417953-0.0.1.1-604800000
.oligo.security/ Name: __hstc
Value: 263486035.51a5651d47027800ab1dbb0e123bd5e2.1711505417962.1711505417962.1711505417962.1
.oligo.security/ Name: hubspotutk
Value: 51a5651d47027800ab1dbb0e123bd5e2
.oligo.security/ Name: __hssrc
Value: 1
.oligo.security/ Name: __hssc
Value: 263486035.1.1711505417962
www.oligo.security/ Name: _reb2bgeo
Value: %7B%22as%22%3A%22AS201011%20Core-Backbone%20GmbH%22%2C%22city%22%3A%22Hirschaid%22%2C%22country%22%3A%22Germany%22%2C%22countryCode%22%3A%22DE%22%2C%22isp%22%3A%22Core-Backbone%20GmbH%22%2C%22lat%22%3A49.8155%2C%22lon%22%3A10.9842%2C%22org%22%3A%22CyberDock%20IT%20Solutions%20GmbH%22%2C%22query%22%3A%2281.95.5.36%22%2C%22region%22%3A%22BY%22%2C%22regionName%22%3A%22Bavaria%22%2C%22status%22%3A%22success%22%2C%22timezone%22%3A%22Europe%2FBerlin%22%2C%22zip%22%3A%2296114%22%7D
.nr-data.net/ Name: JSESSIONID
Value: 7f18a4bd41fad7cb
.hubspot.com/ Name: __cf_bm
Value: BN1jU5fwXnfeFMqXHgP8F7pdhFa7HkBFXBPykCWF3wA-1711505418-1.0.1.1-DYzlVUHKK0knt5uvgejGE3sWUSuW4t8SEAfcHT6MS74yAewpXHl.kNvEbWQvjb371juKhLRQBCSJ_WWR87G1pQ
.hubspot.com/ Name: _cfuvid
Value: kYti8_07uECQ1_u_7PHDIEEbOXAG.tm_6fm1cdyIe18-1711505418552-0.0.1.1-604800000
.www.oligo.security/ Name: _zitok
Value: 9bbd5b84b5679cb512271711505418
.zoominfo.com/ Name: __cf_bm
Value: zfSz7_EKfxPaWkrleGl4FZ29o2uGQOMOg2gNJQnzEXQ-1711505419-1.0.1.1-kiULj5DKr3YRF0Ty.b_rVDLP9d4y4wEsCVYCik8bF.J8kSuDJD3MlEoUdUoSS6KFb4J5FuiuKd_PvJiaRd63ew
.zoominfo.com/ Name: _cfuvid
Value: Fo4PRJteGPDRLfjK3zCXBBMaAT9ybTkizkDFl1n6Vow-1711505419050-0.0.1.1-604800000

34 Console Messages

Source Level URL
Text
other warning URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
