www.oligo.security Open in urlscan Pro
52.17.119.105  Public Scan

32 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

• https://www.cdn.privado.ai/e4f3ad42fb264da7b4f5de414a529ba4.js HTTP 302
• https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js

Request Chain 67

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5919313%26time%3D1714456412846%26url%3Dhttps%253A%252F%252Fwww.oligo.security%252Fblog%252Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLus8XtVC7OCgAAAY8tkMVVObluxKInY2kv38eFb3tqHELoB9ab2BvA6SJmt_j0TNCSE2c

Request Chain 107

• https://js.hs-scripts.com/26088573.js?analyticsCommon=true&disableCollectedForms=true HTTP 307
• https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request shadowray-attack-ai-workloads-actively-exploited-in-the-wild Show response www.oligo.security/blog/	135 KB 39 KB	218ms 67ms	Document text/html	52.17.119.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-119-105.eu-west-1.compute.amazonaws.com Software / Resource Hash 31e63b95aa6cdb760b07dcd12b6926f6e793250c08fba1f6371a3b3b4f095385 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Frame-Options SAMEORIGIN Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 67248 content-encoding gzip content-length 39690 content-security-policy frame-ancestors 'self' content-type text/html date Tue, 30 Apr 2024 05:53:32 GMT vary Accept-Encoding,x-wf-forwarded-proto x-cache HIT, HIT x-cache-hits 5, 0 x-cluster-name eu-west-1-prod-hosting-red x-frame-options SAMEORIGIN x-lambda-id 41a8d298-c851-4edb-910b-fab022b78c66 x-served-by cache-iad-kcgs7200126-IAD, cache-dub4332-DUB x-timer S1714456412.064527,VS0,VE1
GET H2	200	oligosecurity.webflow.7a3462aa3.min.css assets-global.website-files.com/63dbb928e89213590c5bfd53/css/	270 KB 48 KB	122ms 34ms	Stylesheet text/css	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4c8f67146dfa59f5ae4e93f603c6cd330a08fc68b2025476d17ffbe8d5141be1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id _1B_rwswdGCMV4pTcup.EyfU1KpuMvAo content-encoding gzip via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) date Mon, 29 Apr 2024 10:17:19 GMT age 70574 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 48337 last-modified Wed, 17 Apr 2024 07:39:59 GMT server AmazonS3 etag "8b404bf2133f4223616b4a37be457a30" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id vrvgOaWTgS9g62LPgRbJAXqqZwoM1oKLHFyKI_8QQp-QpfS9xc1RMw==
GET H3	200	scrolldisable.js Show response cdn.jsdelivr.net/npm/@finsweet/attributes-scrolldisable@1/	9 KB 5 KB	77ms 44ms	Script application/javascript	104.16.86.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@finsweet/attributes-scrolldisable@1/scrolldisable.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e83dcf850ec0764e07d449b409dac2382a9c06cbc2e179a4ebf793e04bca2b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3585 x-jsd-version 1.6.2 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220103-FRA, cache-lga21973-LGA x-jsd-version-type version server cloudflare etag W/"24f5-UwbGQu810u+oOZfeoeQFlS8Ufrc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHbTsJtt0pXLS8I5sWCk8dpPm2DCLc%2FLo5h7JUp%2BLEQhch0JgsxBvzdLCI5ZK0tjyNZo1W89EtF9klOxSF2342sfVL1nVdIslPIZHqn%2BMBiVi4GezqLnXlYuZ9zgCWkXu9Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 87c545a00b7e1db3-FRA
GET H3	200	codehighlight.js Show response cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/	4 KB 3 KB	38ms 35ms	Script application/javascript	104.16.86.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/codehighlight.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1254f8919b622330bce321d396d373e92655485778b03d3d1a04d493d44431ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 33353 x-jsd-version 1.5.2 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230089-FRA, cache-lga21981-LGA x-jsd-version-type version server cloudflare etag W/"1182-meaOv3e3adqfyT4jIRjTa76pxz4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iayxsQWkINkVXDX8wOew8ZqdR%2Bn111gizQ9tOtfS%2BUNqsAth26R9UfWMRUyAfaArrYgwTat0oQM89xOwDpdHb0z8KxGqe0%2FY63r7cgAMd8L7jNMP1TdK0Ikc5gbp4ah1I8M%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 87c545a0cc201db3-FRA
GET H3	200	richtext.js Show response cdn.jsdelivr.net/npm/@finsweet/attributes-richtext@1/	8 KB 4 KB	36ms 33ms	Script application/javascript	104.16.86.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@finsweet/attributes-richtext@1/richtext.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c699eb55ae3fe61b3d783c8936ab1eb949c596a5c89118f703e328ede2b8308 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 42689 x-jsd-version 1.10.2 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220054-FRA, cache-lga21953-LGA x-jsd-version-type version server cloudflare etag W/"2147-I41v+oq443LPQB6aPqMil27q9QY" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2Fr0%2FRIfurCOAtBBFLrq3MnbDWXAI8XyysgR0E0NgDY3E1DMo7ChMgPsd6hcEqGnRfTlfGDoexwG2YbsA2f81q6imEgdK8vUpmq7tQwL6e8Grik15He6s5662PeqKgRdhIk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 87c545a0cc211db3-FRA
GET H2	200	65fbe8e80fcf9583aa08ee01_UiClE7Lry4dTouKC6uwne1W_rAXrGsozyQDO8wfSlhc34_fzEFrYxCUyf27RCk0Lvq0nARPURNQjLehHT34yXEHwqlxx7gJ_OBxI0VyveK3iM36Pb0-Up5x-iNjzirFB5NLdjTrT2RZ_JWD7b67sng4.png assets-global.website-files.com/63e8dd453f71270c6845992b/	16 KB 17 KB	277ms 202ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbe8e80fcf9583aa08ee01_UiClE7Lry4dTouKC6uwne1W_rAXrGsozyQDO8wfSlhc34_fzEFrYxCUyf27RCk0Lvq0nARPURNQjLehHT34yXEHwqlxx7gJ_OBxI0VyveK3iM36Pb0-Up5x-iNjzirFB5NLdjTrT2RZ_JWD7b67sng4.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b5bd92324001c975b5b00ad8ce359425091e30f6f20fdc4f2f6bd4e2e5d401e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id MW3XweawCgUMT_dG3NOgrStHIp4vQknb date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 16769 last-modified Thu, 21 Mar 2024 07:59:37 GMT server AmazonS3 etag "e094c9cf528ccc368d79685c839d56b6" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id LdTjvcD0FxJWY_L4atdTK8BJjdNqmeDk_ZLpl7SuozYd4Ugrz78AOw==
GET H2	200	65fbe8e5ebb60ff12aebd6a1_t9shcvlHAcfFx_lNvA4CEjwfOB1k3ou4YmacdR2nPIjFsMfgIAS5sqEmVo2CxcZzRJpkjoE68impYDVpEwgLdmHCfk7YxezK8avkg-Gwf1xg4f7NrdRm7rW4nkh8qE5BSi_g3XxYb7oq2_F1tbq8tHQ.png assets-global.website-files.com/63e8dd453f71270c6845992b/	37 KB 37 KB	494ms 420ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbe8e5ebb60ff12aebd6a1_t9shcvlHAcfFx_lNvA4CEjwfOB1k3ou4YmacdR2nPIjFsMfgIAS5sqEmVo2CxcZzRJpkjoE68impYDVpEwgLdmHCfk7YxezK8avkg-Gwf1xg4f7NrdRm7rW4nkh8qE5BSi_g3XxYb7oq2_F1tbq8tHQ.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d876c43138c51e72f92997514875453bbdf8285295ab9623170e6693b01d640b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id i5LplciCOAgmWhtsbOMWds3XDqTsQYMN date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 37555 last-modified Thu, 21 Mar 2024 07:59:34 GMT server AmazonS3 etag "ec015d6f0fc45a52bdfa81d16d2a8582" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id ZSrBp9iwgYTTh06yle1BobtD6r8c2LGEnrgc9UOnKclNhDhwvZFHTg==
GET H2	200	65fbe88cc48e3bcdc69d7ceb_4VA4SJaEsaN1lvwvc18TF-BWhPnNlrW5p181fnXkh4JEXt6bGhDyeyKjuWY3HOnfiaLDRvA7N91MBWa5UB6KylUuCr4kMdygQZSVz9gxlcaKrhRXmoVpWaPMb1vEmLrakWKc5bUIfA7oV81Xpdm--tQ.png assets-global.website-files.com/63e8dd453f71270c6845992b/	45 KB 46 KB	517ms 510ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbe88cc48e3bcdc69d7ceb_4VA4SJaEsaN1lvwvc18TF-BWhPnNlrW5p181fnXkh4JEXt6bGhDyeyKjuWY3HOnfiaLDRvA7N91MBWa5UB6KylUuCr4kMdygQZSVz9gxlcaKrhRXmoVpWaPMb1vEmLrakWKc5bUIfA7oV81Xpdm--tQ.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d8c74b68ba10fa21db2caafd7504fa047844dd952535804bfcc1c0479c1c26da Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id pKcu94GNQ7TCZP75WtJj226QL0BTzDUv date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 46441 last-modified Thu, 21 Mar 2024 07:58:05 GMT server AmazonS3 etag "ba79b7cee1c5223b934f03c97b232268" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id z2kvc16Gz8n3wERPIwK-wJuMg2KXMdcYkNbt20P-y8Yi3nuVTAB-2Q==
GET H2	200	65fbe938c48e3bcdc69e2e8c_iIcnuj-fmv9fK2TTljBc0g6NO-lVkK3LPCQkgBAGGNcIQvbFKy_JqDe2GRcB6AOOGB957XYqdSDK2cn9s1NoCBiWmzGcjVIuNYnYS3dQv_kLiEGYf5UPwdwycUH8qCIUABIaALw4H2JNuCGQrcS8eU0.png assets-global.website-files.com/63e8dd453f71270c6845992b/	257 KB 257 KB	487ms 481ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbe938c48e3bcdc69e2e8c_iIcnuj-fmv9fK2TTljBc0g6NO-lVkK3LPCQkgBAGGNcIQvbFKy_JqDe2GRcB6AOOGB957XYqdSDK2cn9s1NoCBiWmzGcjVIuNYnYS3dQv_kLiEGYf5UPwdwycUH8qCIUABIaALw4H2JNuCGQrcS8eU0.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0f7dbe5bd525a488ed4c6465f0909e96922b7cf18a034445407f9790d5c2cb13 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id hJSIt1OrvJoWPQ.xw27bf68cN3UDUzzg date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 262693 last-modified Thu, 21 Mar 2024 08:00:57 GMT server AmazonS3 etag "57a0c4a6f71a91eba50cbe2429c9f3ad" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id BkYDHl5jxCeh0_I1b4ucaHku8AxuzSU4n56bjxyWEVTj-2FtBE38Bg==
GET H2	200	65fbe998ded95818b452a959_GkhC_cx8EP5HVTV-Eu_xncFRYnR7rsgBBM6dTYCxLmBLunSxpZk4wJFV-Sekrt5Qa-hwliFft68HWuXtvC9bg5TdY2MaM6egToYEYvHjOT40UO-8XCdqcsc_3NRXC7Ga9XBMoYl6G_38huWw3VnJXMA.png assets-global.website-files.com/63e8dd453f71270c6845992b/	64 KB 65 KB	454ms 448ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbe998ded95818b452a959_GkhC_cx8EP5HVTV-Eu_xncFRYnR7rsgBBM6dTYCxLmBLunSxpZk4wJFV-Sekrt5Qa-hwliFft68HWuXtvC9bg5TdY2MaM6egToYEYvHjOT40UO-8XCdqcsc_3NRXC7Ga9XBMoYl6G_38huWw3VnJXMA.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f92dd6b155565d51f1b7c32077c46dacbb335710ae2bf81030131eb447017cf3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id FthfCxb9bWg83.LsUPDOPOF0ThEQBJR9 date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 65672 last-modified Thu, 21 Mar 2024 08:03:57 GMT server AmazonS3 etag "54c93b3872d12a5bfcb83b68942ed5ca" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 14bgvSGrg9o-CB7-1rLnZsXR5ppb0y03L0xYPVAkzsqHUSVk8etIxw==
GET H2	200	65fbea695cce9dc952214b4f_AWQGG-ecsuQxW1xE0CNaKWrdOuwnO2kbGUzlO1Okq2Jm43klH3SXckyBpJs03DLRhz_68BTcaT2zsE5QKrd1fMHA9Y0n_qKX5noRU14gUwJzzp1MBF_KHBs0PUm0CnRjc0xFXkt6Qi7BQPyCJveGc3w.png assets-global.website-files.com/63e8dd453f71270c6845992b/	300 KB 301 KB	437ms 433ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbea695cce9dc952214b4f_AWQGG-ecsuQxW1xE0CNaKWrdOuwnO2kbGUzlO1Okq2Jm43klH3SXckyBpJs03DLRhz_68BTcaT2zsE5QKrd1fMHA9Y0n_qKX5noRU14gUwJzzp1MBF_KHBs0PUm0CnRjc0xFXkt6Qi7BQPyCJveGc3w.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 602f9be3e66ece70117068443d2475b6d2c65aa4a557317061e9857fde1ea911 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id S4Jg0ytSLnVwVGNMtIDW1oDI6yjIq3e2 date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 306987 last-modified Thu, 21 Mar 2024 08:06:19 GMT server AmazonS3 etag "1e5da33d266a36a344c8b41d9f89b983" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id zZsn-K1OmiFkmpMlt3QfXj35yaFiTVi5O1wlgUnYr8_pl79k27JjWQ==
GET H2	200	65fbea7f26cdf0975f1623ff_ZtQ0ufydemMiFG-BewKrECo9GSvBEjwHGBYriDc9bU79h9css-4qfF2TR5mtv496GEVBpuZsMPJqfHkXtC4qAcq9EMzxdW_8Ibrl8b4MR0TmgGubaYp7WaMeec10T8d-g9123-HRk8g54i33UijiLao.png assets-global.website-files.com/63e8dd453f71270c6845992b/	12 KB 13 KB	83ms 80ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbea7f26cdf0975f1623ff_ZtQ0ufydemMiFG-BewKrECo9GSvBEjwHGBYriDc9bU79h9css-4qfF2TR5mtv496GEVBpuZsMPJqfHkXtC4qAcq9EMzxdW_8Ibrl8b4MR0TmgGubaYp7WaMeec10T8d-g9123-HRk8g54i33UijiLao.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6980a94648bbb68c5529a40ad8e5c2cb02f52824d5b6c0d0a216a9f3d14629f2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id B.ltkkVfKxuIjGyc5JhdP1ghBGLIZk_D date Tue, 30 Apr 2024 05:53:32 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 61428 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 12657 last-modified Thu, 21 Mar 2024 08:06:24 GMT server AmazonS3 etag "0f8dcc0a4f1795828de37c8af16a9871" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 0u6cBpzFjcOWdlBGdu552e8U91trXIwjafkHQws3lKwAYSlmAcIgrA==
GET H2	200	65fbea8ea8394bc6fa8069f5_x37sSjcL41TzCo8rXVL_Op9bW4yCYg2clLLhBB71Op_IoKQ5MVyerY2N87GMsuQGH6oEuQxgT70lD4luPiVdz2XVg9pOdEX7k6cjOMKz_MbbeZfR1TZkFba5AX-AEPDe0seMIJuGhMFIgF7cg5fdNoQ.png assets-global.website-files.com/63e8dd453f71270c6845992b/	21 KB 21 KB	514ms 511ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbea8ea8394bc6fa8069f5_x37sSjcL41TzCo8rXVL_Op9bW4yCYg2clLLhBB71Op_IoKQ5MVyerY2N87GMsuQGH6oEuQxgT70lD4luPiVdz2XVg9pOdEX7k6cjOMKz_MbbeZfR1TZkFba5AX-AEPDe0seMIJuGhMFIgF7cg5fdNoQ.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca57f1cb88217eb9b4cbdb6875a4bf50a6c5bceabfc91c0822bd01625fd3e4df Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id OKafK8NuSD4hD19nxrmLh7qK071zgFf6 date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 21098 last-modified Thu, 21 Mar 2024 08:06:39 GMT server AmazonS3 etag "c205c7838c4a37f36041bf5e0e00b0b0" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id CrWKWbs645Xd5aNaBYLo0H3rE2uEOei9tjJjtDSy6tbJhCKtR1vmLQ==
GET H2	200	65fbea97777e6eaf16570cfe_NigWPn_T51UrrP-eAVAu7g_ftvkZgEoOaVYMlFEuMqXU7flSlfJiDFAgGGuZ4wMNzap9PbbG01mV8m4kywArWATqjL5MvI0i3E3Y_FforRbSe-dyITDEtrrq7JWCOHXLmrAdyGpG_ZI8iCHFLu8etxM.png assets-global.website-files.com/63e8dd453f71270c6845992b/	69 KB 69 KB	429ms 426ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbea97777e6eaf16570cfe_NigWPn_T51UrrP-eAVAu7g_ftvkZgEoOaVYMlFEuMqXU7flSlfJiDFAgGGuZ4wMNzap9PbbG01mV8m4kywArWATqjL5MvI0i3E3Y_FforRbSe-dyITDEtrrq7JWCOHXLmrAdyGpG_ZI8iCHFLu8etxM.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d69d253fed41e9ac60430696a33b0cf1118c520a44484b03f76cf8b5a6b3a967 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id .huhORO0vJvDUUviW0zKmnD5cGdNbdE2 date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 70489 last-modified Thu, 21 Mar 2024 08:06:48 GMT server AmazonS3 etag "51314f2307960c6865ba421638c81bef" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 2Q1HaJUeshhiL-RTsVW3GQPxWMVCbB6XTePVypa-XVNEdWk5U9slhQ==
GET H2	200	65fbeaa0d92483225ea7f08d_RKUHc5Y0ZTPCwzIoG2DeZfoFJ06vk8tvLQsbpVA8bhdQnsimLBoX_comgoa5-2r-aOr5grqJc6UpMaYuAGuZH9xkQGoZBXS1Bp9l8xOf0dvK9hUQeEn2tAUZSeU-lX4sFfhECAyKJ1Ejq9MKLhrEMus.png assets-global.website-files.com/63e8dd453f71270c6845992b/	41 KB 41 KB	422ms 419ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeaa0d92483225ea7f08d_RKUHc5Y0ZTPCwzIoG2DeZfoFJ06vk8tvLQsbpVA8bhdQnsimLBoX_comgoa5-2r-aOr5grqJc6UpMaYuAGuZH9xkQGoZBXS1Bp9l8xOf0dvK9hUQeEn2tAUZSeU-lX4sFfhECAyKJ1Ejq9MKLhrEMus.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash abcf6e88eb8162224f54ada6eeba59fc9f49e98b8e70e23a05475e964a13059e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id NByU52Yd88VsCdd.aOJ7ERNG4rekXQ3i date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 41680 last-modified Thu, 21 Mar 2024 08:06:57 GMT server AmazonS3 etag "c4a59d0d5b976bdb3036dbd2e3cc5d13" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id dQhBzJhp10MfImqBtMjqzZVs_V55tAYXQcbyeYaTfXEnXxWTrYLiVA==
GET H2	200	65fddc958fb21fa93a34cbc6___QS_DWI4DgfXZd7ouf9Cf2AaQHSRsjWssZLoLmZecAlxtIF2aCtdmR8d3XW_yPddAnkqLmnmZQeZcnG89_iCYjRu8S-jezZh7s5yrbmwTLySZT5UvIZ2VTVh8S-0c0QUEFEistL2Sr7QbGpnWDKfxg.png assets-global.website-files.com/63e8dd453f71270c6845992b/	25 KB 25 KB	449ms 446ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddc958fb21fa93a34cbc6___QS_DWI4DgfXZd7ouf9Cf2AaQHSRsjWssZLoLmZecAlxtIF2aCtdmR8d3XW_yPddAnkqLmnmZQeZcnG89_iCYjRu8S-jezZh7s5yrbmwTLySZT5UvIZ2VTVh8S-0c0QUEFEistL2Sr7QbGpnWDKfxg.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 607faa1c7e1f0227d937e00d686110ff94ba673cb5fc0201208ff3cd140c21f8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 3Wk6uS4aSl5hxpHDeNoxP.KcANSDEcmg date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 25498 last-modified Fri, 22 Mar 2024 19:31:34 GMT server AmazonS3 etag "dfeea9efb60dd02566c282f3e66d816c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 5snVrpAlCoFYuxLVml8EMaAQ8ij6h-8-sRwEisPG7gKa9n_IUYnyRQ==
GET H2	200	65fbeab6d292e9741e331e10__wsQe4DyVnH8EDM34oS3-zD_sM0w4N59C8U6tZIKG1AN_IjLx-nlq9ouKeey2riKMVuPjBFYrnoPZHUzjt-Zho3_z-0y_taG1jia-G_BvtRaE8FeKHP45c3xhPElqsrru7jqt7Vo1RTcNfBdiat1IH0.png assets-global.website-files.com/63e8dd453f71270c6845992b/	52 KB 53 KB	101ms 98ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeab6d292e9741e331e10__wsQe4DyVnH8EDM34oS3-zD_sM0w4N59C8U6tZIKG1AN_IjLx-nlq9ouKeey2riKMVuPjBFYrnoPZHUzjt-Zho3_z-0y_taG1jia-G_BvtRaE8FeKHP45c3xhPElqsrru7jqt7Vo1RTcNfBdiat1IH0.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8497eceacd3a2fe272163790e0900267e08857dfd9d6ee6bef27eda6d9a52cf4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id .JNmK0xBs19dO.alnK0mctHikCdbYq.B date Tue, 30 Apr 2024 05:53:32 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 61428 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 53603 last-modified Thu, 21 Mar 2024 08:07:19 GMT server AmazonS3 etag "f28d48113439d0e2db41a540267065c1" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id Qc-NNVr-gnkVJZsgRmdUmUChrlK4OSwfdpi8MuwHEiJc9ji05D4SjQ==
GET H2	200	65fddcef15505ae30ab7a876_10qAhajSBriAiBUH333DqYjVXquFdt38QvgXQetpv44UXJz-4zKbZMeLLMGXEYCI1ZlkG_niymvyHb-O6vrboZydGoriB5-QWMXMK0Oop56P8ZHGBmvZurWa7PdAm8QipzafzPght1qzD6uKFN0GOmk.png assets-global.website-files.com/63e8dd453f71270c6845992b/	27 KB 27 KB	118ms 116ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddcef15505ae30ab7a876_10qAhajSBriAiBUH333DqYjVXquFdt38QvgXQetpv44UXJz-4zKbZMeLLMGXEYCI1ZlkG_niymvyHb-O6vrboZydGoriB5-QWMXMK0Oop56P8ZHGBmvZurWa7PdAm8QipzafzPght1qzD6uKFN0GOmk.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc635ae3eeeba663545c699be478ea5e4c69d9eac236741f57bdf6b2d66d0b7e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id MWuBBv8LTKSUiz3LwXsJELoRa5Y_MLdT date Tue, 30 Apr 2024 05:53:32 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 61429 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 27197 last-modified Fri, 22 Mar 2024 19:33:04 GMT server AmazonS3 etag "6efb78724b538312e74e2af6f207d7cf" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id GdJXNH_AXBF47NSHTh8rze_nnNAlGiO_UvQ50dfWGpxbLq8xiY6XzA==
GET H2	200	65fddd083ad3fcd645d7a242_sYJ1Gcfx68erkfxCO-541k5IeY9zWm-MAUuCMmez2qYHqvzlrbTp4MbwqNKdoDjTxKrNITZwSs3Sb48FMwi600leozXXxyoCUbxNLNIm4exxAsUbeE2mnKr-v_ZeJTiQh11fRk5Sdn2TMwJ4AWS-7h8.png assets-global.website-files.com/63e8dd453f71270c6845992b/	49 KB 49 KB	126ms 124ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddd083ad3fcd645d7a242_sYJ1Gcfx68erkfxCO-541k5IeY9zWm-MAUuCMmez2qYHqvzlrbTp4MbwqNKdoDjTxKrNITZwSs3Sb48FMwi600leozXXxyoCUbxNLNIm4exxAsUbeE2mnKr-v_ZeJTiQh11fRk5Sdn2TMwJ4AWS-7h8.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e7f277f8e31f439310633aca2221f239757f398b4815170fe78bb67f9ac3d4bd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id vkOao6EG7OWb_dVXTLeC.7HofCQQSNwm date Tue, 30 Apr 2024 05:53:32 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 61428 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 49933 last-modified Fri, 22 Mar 2024 19:33:29 GMT server AmazonS3 etag "12b36892a305b48a7cac014365270837" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id x5vxFytEtjnv5MBVDkpsIoDHfr-3Ntsf5AUF_jRrnAb5RK8IvR97bQ==
GET H2	200	65fddd1e3dc1735e2e9f1920_ptb0Jgz7arATJATl4igW7BLQHQ972R5Rb1FFPb_zj9sdoRBXOS0yqOv2Hr3Ac-kuAD1dmUZYxlXWAeMmNKBJaGKJQ1o0VKrBCOC-0-SUceqIjh2vX6G7bqBOixrBGgWaj-BkrmSztSfqX_gGUzfRYkg.png assets-global.website-files.com/63e8dd453f71270c6845992b/	142 KB 143 KB	514ms 512ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fddd1e3dc1735e2e9f1920_ptb0Jgz7arATJATl4igW7BLQHQ972R5Rb1FFPb_zj9sdoRBXOS0yqOv2Hr3Ac-kuAD1dmUZYxlXWAeMmNKBJaGKJQ1o0VKrBCOC-0-SUceqIjh2vX6G7bqBOixrBGgWaj-BkrmSztSfqX_gGUzfRYkg.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a1855684354322fc3bdc37ee15f34f614e8e3b83ce5e047e0080fde4adad3f01 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 2HN_meOZTkjnyHjCoUbPbUEgGMTFuBF5 date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 145826 last-modified Fri, 22 Mar 2024 19:33:51 GMT server AmazonS3 etag "e5d7877b10f0f649fdcdbde6c4b763c9" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id WanL_Gx4UAw_j6qkchYtb2QeDFzdyzoPFTPDO-RwtByJr-1bUrygXg==
GET H2	200	65fbeac9b534167645cbe97a_W1Vj5dhZSR6OaDiIf5ENTawboZN1S0tFL71p2MoYOI0UyFkSlo9nXZ39UjS_LG_QbqPBkNzS2zB8SelPCm1O2eDjj7gk0PofC-aChj088I47A41qTwCA5cg8VNej6-NuAYTIcXz8Cmy6jDx1XWCgc2I.png assets-global.website-files.com/63e8dd453f71270c6845992b/	59 KB 60 KB	130ms 128ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeac9b534167645cbe97a_W1Vj5dhZSR6OaDiIf5ENTawboZN1S0tFL71p2MoYOI0UyFkSlo9nXZ39UjS_LG_QbqPBkNzS2zB8SelPCm1O2eDjj7gk0PofC-aChj088I47A41qTwCA5cg8VNej6-NuAYTIcXz8Cmy6jDx1XWCgc2I.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e0f489313e71e838e3612fa89eed40f75775ddbce9761c3a51e1e6d7891b696 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 5ipVN3cBrfzEcXKn23.wm1O_nT1RkVPO date Tue, 30 Apr 2024 05:53:32 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 61428 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 60607 last-modified Thu, 21 Mar 2024 08:07:38 GMT server AmazonS3 etag "7a406b9138c70c261cbf5ff5ca72b575" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id ocROV3wW28wTAQv9zIJnLATGSlElt1e2O-iL2fQER-01MciXMhIQXA==
GET H2	200	65fbeafbab4f9c13e1630bda_aBaJ8FZy-rPGOj4x-s6UIiq-V6UqaNBfWsheIiKRhR2mIkYX0SUdQcFsPcaNbn0EerWG-w5bnareUX9chy-AW4YqtUFz0C81lC5qEjA5o0BCblxru_tlZdS_y3-AcMCbBzPTS2TBszDnpdYP0AV2wpA.png assets-global.website-files.com/63e8dd453f71270c6845992b/	77 KB 77 KB	90ms 88ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeafbab4f9c13e1630bda_aBaJ8FZy-rPGOj4x-s6UIiq-V6UqaNBfWsheIiKRhR2mIkYX0SUdQcFsPcaNbn0EerWG-w5bnareUX9chy-AW4YqtUFz0C81lC5qEjA5o0BCblxru_tlZdS_y3-AcMCbBzPTS2TBszDnpdYP0AV2wpA.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2462db02cfe62c7c80a191cef8b928fa4cfdfcabd83939f655581fadd8c8e3e7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id LO.eYdp5RDbTIC0ShQ.KgSZZy5WaT9uX date Tue, 30 Apr 2024 05:53:32 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 61428 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 78407 last-modified Thu, 21 Mar 2024 08:08:28 GMT server AmazonS3 etag "57a5a05e0efa660b95b5339f33bc9a1d" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id BX2JZBeYrE0YuqZV_U1rvxuVT-TpWqqptaECbSyjl7qm-fAXBYUqxQ==
GET H2	200	65fbeb50104e90dcc8a7ca8b_7pwsBiluSYq2ZObZHLzr2lX1ozIbWYsX0spqtn8H_xcWc64EvyEefpPorATGyWQpymjr9EdmqqIa3kuBu5bkZ5kV-0yreOiPA_zJJjRYl9QeqqcE4q3bmw_k95huN7V9VW4iXLfYk3UzP6OEfPtQDDE.png assets-global.website-files.com/63e8dd453f71270c6845992b/	83 KB 84 KB	515ms 513ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbeb50104e90dcc8a7ca8b_7pwsBiluSYq2ZObZHLzr2lX1ozIbWYsX0spqtn8H_xcWc64EvyEefpPorATGyWQpymjr9EdmqqIa3kuBu5bkZ5kV-0yreOiPA_zJJjRYl9QeqqcE4q3bmw_k95huN7V9VW4iXLfYk3UzP6OEfPtQDDE.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e3dc59aa1d62442c0d6fe79f2f2fd8d6a8fb27c3221959a6dfa5b60d26e3cc8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id ZzSiyeqYJDjL2SMxl1AZhcRhzy7kN2AI date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 85067 last-modified Thu, 21 Mar 2024 08:10:25 GMT server AmazonS3 etag "5ca7b728aff10cf16ad461267efcb47e" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id C-ULgTOpbVUGP7ZS9SUB8QvQeepQ9DqxIjHPl7o3-ii_NJky-mK60w==
GET H2	200	MeetingsEmbedCode.js Show response static.hsappstatic.net/MeetingsEmbed/ex/	3 KB 2 KB	115ms 35ms	Script application/javascript	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 714a29cddf076da12e2fa111327e25d48553d9a5bf6ca2e6953b0f1bd593ebc8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 0bgb.gKiS549CvaY8LGWpMYrw7FnqE4b via 1.1 5b23e906a0b30aeeaaccd141aadaa56c.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop CDG52-P2 age 54 x-amz-server-side-encryption AES256 content-encoding br x-cache Miss from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 15 Apr 2024 19:58:06 GMT server cloudflare etag W/"054eb16fed83e8d1dbd4ec9c6d458f78" vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycRHwdboKiFBKwhrlK%2B66ewdQaegeaTT7qw4RDvn3ZEo1E6RgUxsChfOcZmS5iH6mqjPNbop%2FlmX%2B6hVrotzHYPTKVbMWwoiE6hkcvuOKI4DZxUD0CD%2Bu0fPyDEsMKAhRJVreErjN2C6off0OK3w27%2BHUjY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=60 cf-ray 87c545a139fd214f-CDG x-amz-cf-id IAs0j3u6Oxw30XCxHUfPi8VOMM7um0PBweeM43FlAlrQs2IcrbRuow== expires Tue, 30 Apr 2024 05:54:32 GMT
GET H2	200	v2.js Show response js-eu1.hsforms.net/forms/embed/	482 KB 155 KB	129ms 41ms	Script application/javascript	172.65.255.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsforms.net/forms/embed/v2.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 218 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87c5404c795e5b4a-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"b0047a8901d8ed9f81db3dcb5982114e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5064/bundles/project-v2.js date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR via 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 603b090d-147a-4dbe-ba01-a6d8c48fe6cb x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 7 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 603b090d-147a-4dbe-ba01-a6d8c48fe6cb last-modified Wed, 03 Apr 2024 11:15:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSlr%2FSv8%2BW0nXMVDHOTOMPRXoRcsU6ENgJOL2N2hPQ8kpG905EEPrD8V%2BnMy5hwNI6wluykVs2cFHeAq5dwZb8glBYidm9OuJo9ZK1WAc%2Fj6LKw8ZNKf6Fbds7Xr2l24xAgKCA%3D%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk cf-ray 87c545a14e7571bf-FRA x-amz-cf-id LIXJH-Fwytgu91CR4LrPPUJxkgQz9draJ6b3vIDybZN60pLxRIh8Ew==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 31 KB	117ms 33ms	Script application/javascript	52.222.232.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63dbb928e89213590c5bfd53 Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-99.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 11:15:10 GMT content-encoding gzip via 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront) age 67103 x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id cPm_ggHhx_TcpACEyS6Yo7G9rAVwjfBTNz6eFQJqfwZf0dSBzGjbbQ==
GET H2	200	webflow.2c16f3196.js Show response assets-global.website-files.com/63dbb928e89213590c5bfd53/js/	741 KB 182 KB	41ms 36ms	Script text/javascript	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/js/webflow.2c16f3196.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b864c0d8e0850575b4f80fdfdf5f07a643fce996fc9484be75e885294169514b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 04:27:17 GMT content-encoding gzip via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-version-id .1q2yhcojbs3oI14U11GlSbf9EZ6ApBu age 5176 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 185873 last-modified Wed, 17 Apr 2024 10:53:12 GMT server AmazonS3 etag "1047224ffa48941a6112234effc47fb6" content-type text/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 1UiAPAMCo4BfNekQdVSgnRnVDSUduXr3wOiX8_bVwmEnUcO3fQDhNg==
GET H2	200	e4f3ad42fb264da7b4f5de414a529ba4_EU.js Show response cdn.privado.ai/geo/ Redirect Chain https://www.cdn.privado.ai/e4f3ad42fb264da7b4f5de414a529ba4.js https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js	54 KB 55 KB	51ms 31ms	Script binary/octet-stream	2600:9000:2156:da00:14:dc98:7700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Server 2600:9000:2156:da00:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 837dc33fac63d6506e34040fd85378926877131f88aa8814d062125edde98173 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer https://www.oligo.security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers x-amz-version-id gvaDxZ4dnmo4LOqGaUOUcdljv2QH4X35 date Wed, 17 Apr 2024 07:01:25 GMT via 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront) last-modified Thu, 08 Feb 2024 18:37:08 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 age 1119128 x-amz-server-side-encryption AES256 etag "126c3d81bfd62f6aeeb4d51a807ff0dd" x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 55502 x-amz-cf-id MtRJKuCHkhYTInowFULY2H2E_JDE2N0gasZVSy0qUkp376cf6tyeuw== Redirect headers date Thu, 25 Apr 2024 11:50:29 GMT via 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA50-C1 age 410583 x-cache Hit from cloudfront location https://cdn.privado.ai/geo/e4f3ad42fb264da7b4f5de414a529ba4_EU.js content-length 0 x-amz-cf-id 6V4F9Be8UXcEzgiD20lXB3UJS4d1OQPC0EVR5dJJBD2u--bJhdTKMg==
GET H2	200	bundle.v1.0.0.js Show response tools.refokus.com/social-share/	2 KB 1 KB	103ms 21ms	Script application/javascript	76.76.21.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tools.refokus.com/social-share/bundle.v1.0.0.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 57a1be218332ffe88ab1757b2786ea6c193456814044ac6ca5aed7ef6e292e13 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id cdg1::vnqsx-1714456412357-016d76c32ac1 age 1185513 etag W/"5ab5e077823e9ac9fe87506050035832" x-vercel-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="bundle.v1.0.0.js"
GET H2	200	form-124.js Show response hubspotonwebflow.com/assets/js/	10 KB 3 KB	116ms 35ms	Script application/javascript	76.76.21.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hubspotonwebflow.com/assets/js/form-124.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id cdg1::8wx2z-1714456412357-6f8fa186353c age 1069786 x-matched-path /assets/js/form-124.js etag W/"392ca1f460caa2aa9439969a89f31c13" x-vercel-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="form-124.js"
GET H2	200	gtm.js Show response www.googletagmanager.com/	250 KB 88 KB	128ms 48ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4fad4ff76604ce1181cf2d09d7a86d242689e9252b504d60d8dd510c33166fc9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 89580 x-xss-protection 0 last-modified Tue, 30 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 30 Apr 2024 05:53:32 GMT
GET H2	200	63e8f3f05b939f21199f79e6_Runtime%20application%20security%20and%20observability%20-%20Oligo%20blog%20vis.svg assets-global.website-files.com/63dbb928e89213590c5bfd53/	3 KB 1 KB	83ms 82ms	Image image/svg+xml	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e8f3f05b939f21199f79e6_Runtime%20application%20security%20and%20observability%20-%20Oligo%20blog%20vis.svg Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1df30db67bd1142700a1d2d22015595e8f2c0ae5cdb429d10ba2404adef7d7d0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 04 Feb 2024 18:07:13 GMT x-amz-version-id x2f7bVZMdFn4ZyioNVEJT9.uJzR5or2L content-encoding br via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 7386380 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sun, 12 Feb 2023 14:13:05 GMT server AmazonS3 etag W/"4b4656ca97e042a02ff500611312ff2b" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id 6Jqu5q9EtS28rp2KvVcUezA0e_ZYhKIZQCkCAWypuL2zDx3-VoYgRA==
GET H2	200	65f926d964d6556cb8932460_Urbanist-Medium.ttf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	42 KB 22 KB	144ms 44ms	Font application/x-font-ttf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/65f926d964d6556cb8932460_Urbanist-Medium.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 6aefc0594cbe554d6bf1b600e9b04832cf78d3657decedfd9b8bbd4be3548ae9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Apr 2024 05:47:35 GMT x-amz-version-id 7xC8e.Jc5xnWYUFD_ywfAb9ljGMfNmc9 content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 2505958 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 19 Mar 2024 05:47:07 GMT server AmazonS3 etag W/"9ffbd4b23b829ddd499aaf5eb925a86c" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id fNXUhjqUP4Mp6Ue7ZyDBCz789s0vKqNa3bZsbYpcnMxzwGZf73mWWA==
GET H2	200	65f927d0e0bff309020a7ab5_Urbanist-SemiBold.ttf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	42 KB 22 KB	130ms 30ms	Font application/x-font-ttf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/65f927d0e0bff309020a7ab5_Urbanist-SemiBold.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e36b4e1e450a42b686b3b62e694fca2e759e15688f638cae0b26f988c0ba4c9f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Apr 2024 05:47:35 GMT x-amz-version-id .QJh4Mvdy_nhCtRwhX.KOC6veTVhV8EH content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 2505957 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 19 Mar 2024 05:51:14 GMT server AmazonS3 etag W/"ae731014b8aa4267df78b8e854d006ef" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id cShyjip6kDmCc1V772yyYFmAOUuI24CYaelUWWPmZ5pg2yruXS89VA==
GET H2	200	6576ffeefa5c1d59c4af77ef_Gilroy-Bold.otf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	54 KB 55 KB	174ms 74ms	Font application/x-font-otf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/6576ffeefa5c1d59c4af77ef_Gilroy-Bold.otf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 23 Dec 2023 05:34:14 GMT x-amz-version-id Z0WqSiEDth.v.8BTxpuVItipsTAKJAnb via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 11146759 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 55376 last-modified Mon, 11 Dec 2023 12:26:23 GMT server AmazonS3 etag "17cb9303df7b7264b9c4ef0953366617" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-otf access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 6aXRDE8QZY8iXyXpsJA0ocqx23Hq_3yfmESfe04fq4wP554JF7SILQ==
GET H2	200	651e74ad93ac287a277918eb_Gilroy-Medium.ttf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	140 KB 57 KB	154ms 55ms	Font application/x-font-ttf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/651e74ad93ac287a277918eb_Gilroy-Medium.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7b3c84352c6a0d8a3479b528b8d8336ddb1cef0da8b81dea0e41a930d56523fe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 17 Dec 2023 08:59:30 GMT x-amz-version-id svhvpGz_XPuJp67RfZy085V84.J.osOF content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 11652843 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 11 Dec 2023 12:22:36 GMT server AmazonS3 etag W/"c83281ae1ca703d0741a770ee7e7c091" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id sb_ODeznVH6w3K3SoxEmOQ8GeSMr8aY7LqMLIou_bwP4-Pb4HZIwBg==
GET H2	200	651e74a0767b9c73701282b7_Gilroy-Regular.ttf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	142 KB 56 KB	184ms 84ms	Font application/x-font-ttf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/651e74a0767b9c73701282b7_Gilroy-Regular.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 10 Dec 2023 07:06:04 GMT x-amz-version-id oexasRtVcyRcChHliJIa93hv1qQmICmj content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 12264448 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 05 Oct 2023 08:32:34 GMT server AmazonS3 etag W/"31ff7c1a62a300dbbf9656b4ba14a0d5" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id iXxRwLjctLxOGr6vkAVclCD4SJaG8Al-JOmnYvCorpxjOH-CSgizJA==
GET H2	200	65fbd7d106f822c9e08dcb85_Avi-Lumelsky-p-500.jpeg assets-global.website-files.com/63e8dd453f71270c6845992b/	17 KB 17 KB	94ms 89ms	Image image/jpeg	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbd7d106f822c9e08dcb85_Avi-Lumelsky-p-500.jpeg Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bf26427ca5bfce7aa44f313cabe1275052f82eb4d565a5c49c5849be9d72940f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 26 Mar 2024 11:35:55 GMT x-amz-version-id K49UKeApz3qrH2skUssDpkKrTEeBvYJd via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 3003458 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 17089 last-modified Thu, 21 Mar 2024 06:46:44 GMT server AmazonS3 etag "1eea2170f9d5b151badf5bd03897f9a5" content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id ZeK-s8T7vpQltJeYRBN8PtmJJn8h6OkXOzHVFer7XFiVKfrrbK9v2Q==
GET H2	200	651c02cddfd2791d719a7f14_Ellipse%203617.png assets-global.website-files.com/63e8dd453f71270c6845992b/	14 KB 14 KB	94ms 89ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/651c02cddfd2791d719a7f14_Ellipse%203617.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b052ae02766f3a5f58f1c9204da57d64df5f5c01840c367cea6ec4a4568a84a9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 06 Mar 2024 08:32:39 GMT x-amz-version-id 9ZoqiOGCPzSlp2r.EcSj44PNZ3pgnI5b via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 4742454 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 14117 last-modified Tue, 03 Oct 2023 12:02:23 GMT server AmazonS3 etag "15cc1bbdf7982afcaac24ddb2c340fe9" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id qoP9XtWWSRS8JQrBssMF_obBXAaMjLLCeRHreH_5BmgSNKHHtF9elw==
GET H2	200	651c02da27d2a4f4f97b5e79_Ellipse%203618.png assets-global.website-files.com/63e8dd453f71270c6845992b/	14 KB 15 KB	98ms 93ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/651c02da27d2a4f4f97b5e79_Ellipse%203618.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4422814965de8256ef5f3e608d5052400d213cd2689758377faad24342a0170d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 08 Mar 2024 09:43:23 GMT x-amz-version-id Y1pfVyK8b4J1yLM6aOZSnLbpd9eCBw5g via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 4565410 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 14654 last-modified Tue, 03 Oct 2023 12:02:35 GMT server AmazonS3 etag "3cc881439fd2afdbd64b553558fdbdd8" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id JzsCQk01RARSnRKtHzdI0YpvlUMqAl1W-FX9LhcYi6hZTfq3BbvU3w==
GET H2	200	63e699a712777076bc9d3685_linkedin.svg assets-global.website-files.com/63dbb928e89213590c5bfd53/	940 B 1 KB	97ms 92ms	Image image/svg+xml	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e699a712777076bc9d3685_linkedin.svg Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c867b00c1dbd3c7ac3af53d79d20ac9db3179579887db5bc6f4d071ab993c392 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 13 Feb 2024 13:40:28 GMT x-amz-version-id e9VxNuEjCkHK9J9zxzOSKdwTs5.6uTQT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 6624784 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 940 last-modified Fri, 10 Feb 2023 19:23:21 GMT server AmazonS3 etag "d24c7fc14f2a5f6e6d897795dd234cb5" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id milMeRMZ3BGcgArYWhbjpglxHXGQbiFzPYfSFGWplyKhET2po1sHJA==
GET H2	200	63e699d3bafcc396e9c866d1_Twitter.svg assets-global.website-files.com/63dbb928e89213590c5bfd53/	974 B 1 KB	103ms 99ms	Image image/svg+xml	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e699d3bafcc396e9c866d1_Twitter.svg Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7dc092306d243a19a04da12bf4ba5cf495be8e33623db482ac0e6e66a6634146 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Jan 2024 13:28:32 GMT x-amz-version-id 3VQMc_vvl_O8XD6RkqO9OFp46uYe6VXO via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 8267101 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 974 last-modified Fri, 10 Feb 2023 19:24:05 GMT server AmazonS3 etag "da7677e082bdcea6a6009605193def93" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 6x5gUpjCHvNYibLrjdSV47qKgKsUJM35ikV1oWtHjsMyaYD13Aa9ww==
GET H2	200	63e699ecce4fe7680bc34437_facebook.svg assets-global.website-files.com/63dbb928e89213590c5bfd53/	625 B 1 KB	101ms 97ms	Image image/svg+xml	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63e699ecce4fe7680bc34437_facebook.svg Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91a3ed526e58ba6845c3ceebaeba0095c76e9ea6c5b2ce1e174aa3603589a4aa Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 06 Mar 2024 09:58:35 GMT x-amz-version-id vyyEeFrkOkZ.YdJWhBmcZUr4Z_dl0ZB. via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 4737297 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 625 last-modified Fri, 10 Feb 2023 19:24:30 GMT server AmazonS3 etag "3d94d6140ce4a9ff4736f46a00a2c666" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id ooBLnSgKtvWmC1oRb3nh-5zucqE-307TDx73eDLe-7mPa8Cl1TVnyw==
GET H2	200	64906dd5a836ca42170a1cf7_link.svg assets-global.website-files.com/63dbb928e89213590c5bfd53/	1 KB 1 KB	102ms 99ms	Image image/svg+xml	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/64906dd5a836ca42170a1cf7_link.svg Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a906213da48e61ce93ef61ee36def14e7bdae38449e1de2fe35306eac10eefd1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 04 Feb 2024 18:07:13 GMT x-amz-version-id vFQYOx1da5athJORDhQlVQXVFWDUKBZH content-encoding br via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 7386379 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 19 Jun 2023 15:01:43 GMT server AmazonS3 etag W/"cea4105bd5f06758d90b7f563aebf207" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id notF87WkGZZ4cvsD6keU8K55erkFN65pmHPzT13KfK9nERO66k0Tag==
GET H2	200	65fbd7ec31cf9a3136347682_ShadowRay.png assets-global.website-files.com/63e8dd453f71270c6845992b/	794 KB 796 KB	102ms 100ms	Image image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/63e8dd453f71270c6845992b/65fbd7ec31cf9a3136347682_ShadowRay.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4bdc3d456eed7e35b565f0034b9097a78e51658611ab33926084b8bab5835acb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 25 Mar 2024 16:12:45 GMT x-amz-version-id n5Pxi.eRaDheXEpJglCP3lfkXQwZ6B3U via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 3073247 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 813250 last-modified Thu, 21 Mar 2024 06:47:10 GMT server AmazonS3 etag "15276c5af9c9dcd347aa64bc1fa4f607" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id AIq_MuAKHMqs9_axJgD0Gki0JK74O6AtHz98Ln37A6hSz1I2-jPBKg==
GET H3	200	highlight.min.js Show response cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/	113 KB 40 KB	42ms 41ms	Script application/javascript	104.16.86.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/codehighlight.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1828162a4978444dfe33f4cd1f977f17cd13cf7d0f413f8eb9bab9437239736d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4108201 x-jsd-version 11.4.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230041-FRA, cache-lga21926-LGA x-jsd-version-type version server cloudflare etag W/"1c30f-0mStFr3znP7CsGwgIjuH/LN60ns" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyIVqJSkyVBgaIW%2FaXsgN2%2FbDJwqBaes0LOavU9LISFj1CTdar5eg2JHPXLWw%2BphGWv%2FgtL%2F6%2F5c%2BLix6qasE5BocLa5WewHMDQkB43gBwc26IryobTnA0BYFcs%2BHZs4No4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 87c545a11c5f1db3-FRA
GET H2	200	shadowray Show response go.oligo.security/meetings/mktg/ Frame DC07	64 KB 23 KB	470ms 59ms	Document text/html	2a06:98c1:3200::90:0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3200::90:0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7daaef13d5835e5bc1f90ff6f905084be8acfad1f1a000568f25fa1ed8656722 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options no-sniff Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer https://www.oligo.security/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 60847 alt-svc h3=":443"; ma=86400 cache-control max-age=0, no-cache, no-store cf-cache-status HIT cf-ray 87c545a429b43cbd-CDG content-encoding br content-security-policy upgrade-insecure-requests content-security-policy-report-only script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net snap.licdn.com www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net googleads.g.doubleclick.net www.googleadservices.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=MeetingsPublic/static-1.41426/html/public-eu1.html&cfRay=87c545a4301d3cbd&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fmeetings%2Fmktg%2Fshadowray%3Fembed%3Dtrue%26parentHubspotUtk%3D6e5564ef82c1604c11eeaf011aa45999%26parentPageUrl%3Dhttps%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&referrer=https%3A%2F%2Fwww.oligo.security%2F&cfenv=prod&pdt=2024-04-30&csp=ro content-type text/html; charset=utf-8 date Tue, 30 Apr 2024 05:53:32 GMT expires Wed, 01 May 2024 05:53:32 GMT last-modified Mon, 29 Apr 2024 11:25:03 GMT nel {"report_to":"nel","max_age":86400} origin-trial Aqk2Dm2ZNOeMxifFm26pJzN4DTOHc1z7UYEx7QaWtHTVqsFhooI36f0r5tbw602aKbEI4WJ0fgx7+KHwlyi4HwwAAABceyJvcmlnaW4iOiJodHRwczovL2h1YnNwb3QuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= report-to {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]} reporting-endpoints default="https://send.hsbrowserreports.com/csp/reports?cfRay=87c545a4301d3cbd&resource=MeetingsPublic/static-1.41426/html/public-eu1.html" server cloudflare server-timing cfr;desc=87c545a4301d3cbd, d;desc="MeetingsPublic-eu1#e6d2e9d2-23a6-47d6-bb0b-887e99de23c6" strict-transport-security max-age=31536000 vary Accept-Encoding via 1.1 f328a0489a804ca030fedcbc744c4bf6.cloudfront.net (CloudFront) x-amz-cf-id WRiM_QvmdtROYiTM22bsFG2NAY0e4LGHQju1q5UBhx61rhEGOOb-0g== x-amz-cf-pop CDG52-P4 x-amz-replication-status COMPLETED x-amz-server-side-encryption AES256 x-amz-version-id N6WA4k6UpSP2E77XZJnhYVNGcoGEXJ6I x-cache Hit from cloudfront x-content-type-options no-sniff x-hs-target-asset MeetingsPublic/static-1.41426/html/public-eu1.html x-hs-worker-debug-mode false
GET H/1.1	200 OK	json Show response forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/	8 KB 4 KB	168ms 79ms	XHR application/json	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 Requested by Host: js-eu1.hsforms.net URL: https://js-eu1.hsforms.net/forms/embed/v2.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9453a9676d6bb6abe8c8133edcacff089df127d22e1c9e9c2e2cbc672b8bfd06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Origin-Hublet eu1 Date Tue, 30 Apr 2024 05:53:32 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status DYNAMIC Content-Encoding br x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id 27e1a8e8-f5bc-4b2a-8780-7a2fc6921943 Transfer-Encoding chunked x-envoy-upstream-service-time 21 Connection keep-alive alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 27e1a8e8-f5bc-4b2a-8780-7a2fc6921943 Server cloudflare Vary origin Access-Control-Allow-Methods OPTIONS, GET Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.oligo.security x-evy-trace-virtual-host all Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-7c766895b4-xfwmr Access-Control-Max-Age 180 X-Robots-Tag none Access-Control-Allow-Headers * CF-RAY 87c545a31e7a1c1c-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	290 KB 97 KB	47ms 46ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-MF9NP2JYC7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a17b0bf3bf43ea75ff84f32765681f5b313935bd07c75c393f1e05cf69d0867c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99419 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 30 Apr 2024 05:53:32 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	244 KB 85 KB	47ms 46ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-11293028927&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 43cbc7400ae383171cf8f5c3c30a99a2e56b6390b8de3d03525565324d7da19c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86750 x-xss-protection 0 last-modified Tue, 30 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 30 Apr 2024 05:53:32 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 17 KB	145ms 34ms	Script application/javascript	2a02:26f0:3500:16::215:148d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9941d2ff1cc99d68acf87db2bf00d461644f6a6f222af62c2fba71be5a97b447 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-edgeconnect-origin-mex-latency 160 date Tue, 30 Apr 2024 05:53:32 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 29 Apr 2024 18:02:39 GMT x-cdn AKAM x-edgeconnect-midmile-rtt 0 x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=43742 accept-ranges bytes content-length 17091
GET H2	200	26088573.js Show response js-eu1.hs-scripts.com/	2 KB 1 KB	192ms 101ms	Script application/javascript	172.65.208.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-scripts.com/26088573.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c413a930a92892b781034a88c75930fe19b4ecdbc2de2f3edd9acbdf1ce21a97 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-hubspot-correlation-id 2cff5047-3d19-4479-87e1-2f2b25bbf3da x-evy-trace-route-service-name envoyset-translator cf-polished origSize=2559 age 4706 x-envoy-upstream-service-time 24 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 2cff5047-3d19-4479-87e1-2f2b25bbf3da cf-bgj minify last-modified Tue, 30 Apr 2024 04:35:06 GMT server cloudflare access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.oligo.security x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-68d6f869c4-p7gp2 x-evy-trace-virtual-host all access-control-allow-credentials true cf-ray 87c545a34a0503fd-CDG
GET		reb2b.js.gz s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQOQRJHZP062/	0 0
GET H/1.1	200 OK	json Show response forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/	8 KB 4 KB	486ms 67ms	XHR application/json	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms-eu1.hsforms.com/embed/v3/form/26088573/124733a1-1952-419d-808a-0ff59ea44829/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 Requested by Host: js-eu1.hsforms.net URL: https://js-eu1.hsforms.net/forms/embed/v2.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc68107edb8ed3968bb151197ddaaaa3a43b2400d65456cf784697f48460fac6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Origin-Hublet eu1 Date Tue, 30 Apr 2024 05:53:33 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status DYNAMIC Content-Encoding br x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id c3e3569e-d364-4aff-a726-5426af5cef6d Transfer-Encoding chunked x-envoy-upstream-service-time 17 Connection keep-alive alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c3e3569e-d364-4aff-a726-5426af5cef6d Server cloudflare Vary origin Access-Control-Allow-Methods OPTIONS, GET Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.oligo.security x-evy-trace-virtual-host all Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-7c766895b4-wbjv5 Access-Control-Max-Age 180 X-Robots-Tag none Access-Control-Allow-Headers * CF-RAY 87c545a578781c1c-FRA
GET H2	200	65f926ac1b48de4de793ddcb_Epilogue-SemiBold.ttf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	103 KB 47 KB	33ms 32ms	Font application/x-font-ttf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/65f926ac1b48de4de793ddcb_Epilogue-SemiBold.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7aa0b6351efe78318fc83544d999dc9bf4e7e5b737606f4b456a78e7c1d5938e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Apr 2024 05:47:35 GMT x-amz-version-id pdNay.6hKnWV9swHTunkzccXHAGdGO0v content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 2505957 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 19 Mar 2024 05:46:22 GMT server AmazonS3 etag W/"de57d7ea55a2a87a6d408683fb3d7f07" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id ojdukG4bCd8P9UkDLJ4gdHu9NSUwlHksbDfJR1lctmMev7EhG5BhYQ==
GET H2	200	651e74c6e78c11856ab61c5a_Gilroy-SemiBold.ttf uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/	137 KB 57 KB	36ms 35ms	Font application/x-font-ttf	18.66.112.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/651e74c6e78c11856ab61c5a_Gilroy-SemiBold.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.7a3462aa3.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 8b4f5562de072aa2884798b9fdb2329ad4122d972a1bf2f58fe645b9623b0590 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://assets-global.website-files.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jan 2024 07:00:37 GMT x-amz-version-id vSbaHMcDYJkUdL3hvmaQ5PpWXDh6y8qt content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) age 9931976 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 05 Oct 2023 08:33:11 GMT server AmazonS3 etag W/"a5cf732b15078843b237bd58f3ed44cd" vary Accept-Encoding content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id sq1uo7YDF2yiWq-imYYWZ1gd84nh3ISCUUSwQHZy2_XbXPqVEMsoIg==
GET H2	200	api.min.js Show response a.omappapi.com/app/js/	51 KB 18 KB	131ms 27ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br cdn-edgestorageid 1080 perma-cache HIT cdn-storageserver DE-383 cdn-cachedat 04/30/2024 03:26:34 cdn-pullzone 293267 last-modified Mon, 15 Apr 2024 18:01:26 GMT server BunnyCDN-DE1-1080 cdn-fileserver 750 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"661d6b76-cc60" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid f965850d998104e77d60664551517b52 cdn-requestcountrycode FR access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	indexV1.css cdn.privado.ai/version/	9 KB 2 KB	33ms 32ms	Stylesheet text/css	2600:9000:2156:da00:14:dc98:7700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privado.ai/version/indexV1.css Requested by Host: text URL: data:text/css,@import%20url%28%27https%3A//cdn.privado.ai/version/indexV1.css%27%29%3B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:da00:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b9ce9e5ab558f8774690620818b8c908516eb0973fd8d8c5890ee914e2f3dd0b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id _B0eOEcwYdXpeMn_c.asx3DOx0uy2s80 content-encoding gzip via 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront) date Mon, 29 Apr 2024 08:56:28 GMT last-modified Tue, 04 Oct 2022 20:12:40 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 age 75425 x-amz-server-side-encryption AES256 etag W/"0813fc920138afc00257b34ac67ec0fe" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css x-amz-cf-id 1-e6GS_t5RR7q2v51z0ZW2MmHVcKWPTmVEDN7HssIs_0sLkIBKC-uw==
GET DATA	200 OK	truncated /	58 B 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a729bf8c024d5760c02ecaba0804fce0c8256bcba9b507a3bfc528a9a366d6ac Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type text/css
GET H2	200	63ea1c60a717a64c03041370_Runtime%20application%20security%20and%20observability-Oligo%20-%20CTA.json Show response assets-global.website-files.com/63dbb928e89213590c5bfd53/	443 KB 310 KB	86ms 32ms	XHR application/json	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63ea1c60a717a64c03041370_Runtime%20application%20security%20and%20observability-Oligo%20-%20CTA.json Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/63dbb928e89213590c5bfd53/js/webflow.2c16f3196.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 199edd020f45388dd1a0eb3de4d584b7f1872428fbbf0ae11bdf0ebbc8bdfeb1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Jan 2024 08:54:55 GMT x-amz-version-id 85LR1kgdUwofcmd9.enrfDdEA6_45k3P content-encoding br via 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront) age 9147518 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 13 Feb 2023 11:17:54 GMT server AmazonS3 etag W/"d5650e85eaefd4e48cccd9b7b311082e" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id oD16cas4Zkw3DsQNSKdIaW7PI7Vy2vgiPBznuCqP4pNQjTBMKdz2FQ==
GET H2	200	v2.js Show response js-eu1.hsforms.net/forms/embed/ Frame F08A	482 KB 0	0ms 0ms	Script application/javascript	172.65.255.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsforms.net/forms/embed/v2.js Requested by Host: js-eu1.hsforms.net URL: https://js-eu1.hsforms.net/forms/embed/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 218 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87c5404c795e5b4a-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"b0047a8901d8ed9f81db3dcb5982114e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5064/bundles/project-v2.js date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR via 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 603b090d-147a-4dbe-ba01-a6d8c48fe6cb x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 7 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 603b090d-147a-4dbe-ba01-a6d8c48fe6cb last-modified Wed, 03 Apr 2024 11:15:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSlr%2FSv8%2BW0nXMVDHOTOMPRXoRcsU6ENgJOL2N2hPQ8kpG905EEPrD8V%2BnMy5hwNI6wluykVs2cFHeAq5dwZb8glBYidm9OuJo9ZK1WAc%2Fj6LKw8ZNKf6Fbds7Xr2l24xAgKCA%3D%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk cf-ray 87c545a14e7571bf-FRA x-amz-cf-id LIXJH-Fwytgu91CR4LrPPUJxkgQz9draJ6b3vIDybZN60pLxRIh8Ew==
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	75ms 24ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-MF9NP2JYC7&gtm=45je44t0v9102446020z8898424824za200&_p=1714456412266&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1995603580.1714456413&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714456412&sct=1&seg=0&dl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&dt=ShadowRay%3A%20First%20Known%20Attack%20Campaign%20Targeting%20AI%20Workloads%20Exploited%20In%20The%20Wild&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=911 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-MF9NP2JYC7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 30 Apr 2024 05:53:32 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.oligo.security cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 439 B	264ms 175ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://www.oligo.security/ sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: FD29950AA87043E481AA098F21A97775 Ref B: PRAEDGE0809 Ref C: 2024-04-30T05:53:32Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://www.oligo.security x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYXSf161OvtLTbWyG4ZPA==
GET H2	200	26088573.js Show response js-eu1.hs-analytics.net/analytics/1714451700000/	67 KB 21 KB	170ms 80ms	Script text/javascript	172.65.238.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-analytics.net/analytics/1714451700000/26088573.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26088573.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27de550cb2e9bef93178ad677b72673e2dc30410cbc7a6c9a1c0a3658f80a268 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br cf-cache-status MISS x-amz-request-id KY7HYDFTDKCDRXWV x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 9e026d57-432c-4204-bc82-e71942bb0172 x-envoy-upstream-service-time 33 x-amz-id-2 oQOnifwUDRNhfEU31otvUDcL4k1fod3mtiuBb/U8iFqlNuz2mqUDtiVokUlacIX/5JsGs8mVd2A= x-evy-trace-listener listener_https x-request-id 9e026d57-432c-4204-bc82-e71942bb0172 x-evy-trace-route-configuration listener_https/all last-modified Wed, 24 Apr 2024 18:25:07 GMT server cloudflare etag W/"3e24b115d909ac2551eb7254dca9f7c7" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-k6cwk cache-control max-age=300,public access-control-allow-credentials false cf-ray 87c545a4ee6a6973-FRA expires Tue, 30 Apr 2024 05:58:32 GMT
GET H2	200	fb.js Show response js-eu1.hsadspixel.net/	6 KB 4 KB	142ms 41ms	Script application/javascript	172.65.219.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsadspixel.net/fb.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26088573.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c67d8ce90160a6586cfd2c2a936959738f5b1843ebdfbac4325c4d1a9b61224 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id H75lIw.llLd5LbqLQfJpi4qQ6NOhCtlN via 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop FRA60-P6 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 091acf01-d92f-4f2a-9337-a2bc02a72693 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.551/bundles/pixels-release.js&cfRay=87c53cc29e9c92b9-FRA x-cache Hit from cloudfront cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br age 363 x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 091acf01-d92f-4f2a-9337-a2bc02a72693 last-modified Fri, 19 Apr 2024 14:01:51 UTC server cloudflare etag W/"65a4cdf8f8c613ea8f766101eea8e667" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-4sw8g cf-ray 87c545a4f9af30cf-FRA x-amz-cf-id wQlE6KMsBKtFiaVqRE-ZzECPpk-rLmea4-mEhnScHBfICXW4PIAwWQ== x-hs-target-asset adsscriptloaderstatic/static-1.551/bundles/pixels-release.js
GET H2	200	web-interactives-embed.js Show response js-eu1.hubspot.com/	82 KB 25 KB	357ms 271ms	Script application/javascript	172.65.236.181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hubspot.com/web-interactives-embed.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26088573.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8903e555bd60b3e66725a7316fa1c399c1c330b6f207dfbf294e287857d526c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1087/bundles/project.js&cfRay=87c545a4dd5bf0d7-CDG x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"aca27b624bf30d36e5f4f145ae76704a" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.1087/bundles/project.js date Tue, 30 Apr 2024 05:53:33 GMT x-amz-version-id iqAR5gkkMAkFd.Z3L05RGWJk1d1nl__E via 1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 67324c05-5400-46a6-a5e9-bac89984c5e8 x-cache RefreshHit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 218 x-evy-trace-route-configuration listener_https/all x-request-id 67324c05-5400-46a6-a5e9-bac89984c5e8 last-modified Fri, 26 Apr 2024 11:14:32 UTC server cloudflare access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GK%2FnaqfveCG%2FHBGa978x%2FLEAEUNWcggQJYnskb9UNIad%2FbxAkHnGuNU0cpJIGbKQVlm7hn4FzTT7uQ8AZwmaMDbM6Z8xwLqSWGhsHzOr0uqBp8Fg7EVXLlDYtxlyYTjbDlGmvg%3D%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status MISS x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk cf-ray 87c545a4dd5bf0d7-CDG x-amz-cf-id AlRzlGsSVo3sdOF8SUl-v8pFanEi-spUMqzV-d0uMJpTefcJFVCwZA==
GET H2	200	banner.js Show response js-eu1.hs-banner.com/v2/26088573/	71 KB 23 KB	166ms 69ms	Script text/javascript	172.65.202.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-banner.com/v2/26088573/banner.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26088573.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc726f2cec480a7736031b98cb1b443a2ed29936f524e728c915ab3ba68f917a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 0nEyulsaA3u5KVXYfa9vvpxl9FEj8fyH content-encoding br cf-cache-status REVALIDATED x-amz-request-id 1Q52ZDVW719V6M6Y x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 82359243-465f-4934-b89e-86f994d89e52 x-envoy-upstream-service-time 68 x-amz-id-2 Dt6O+PcLkxopDA/UhucGN6byHFoDHVQKWAxoJ1UeIx97ltFTn24QeuRLKyJQOUoFGOPyxAAYiq8= x-evy-trace-listener listener_https x-request-id 82359243-465f-4934-b89e-86f994d89e52 x-evy-trace-route-configuration listener_https/all last-modified Mon, 15 Apr 2024 14:49:18 GMT server cloudflare etag W/"f56f2e285ad083894522febd745ac6ce" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.oligo.security x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-849d5cf979-kpvjr vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 87c545a4fd0a2c25-FRA expires Tue, 30 Apr 2024 05:58:32 GMT
GET H2	200	collectedforms.js Show response js-eu1.hscollectedforms.net/	69 KB 25 KB	131ms 35ms	Script application/javascript	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hscollectedforms.net/collectedforms.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/26088573.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 559 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=87c537fc8e233615-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"020909a609cf986b4a8a88cfb577a8db" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset collected-forms-embed-js/static-1.491/bundles/project.js date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id _rd02ux3UWoVQsATQDf.p_LxkLPJ6umh via 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 369e3eea-1fa4-4e55-9342-68aca766b104 x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-envoy-upstream-service-time 11 x-evy-trace-route-configuration listener_https/all x-request-id 369e3eea-1fa4-4e55-9342-68aca766b104 last-modified Wed, 10 Apr 2024 18:06:23 UTC server cloudflare x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk cf-ray 87c545a4f9dc5b32-FRA x-amz-cf-id wilCTPZ7b4ja29-q6l0BXUshf76dsMksMzcRWhojhhhbsOJL1teHbQ==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&coo... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5919313%26time%3D1714456412846%26url%3Dhttps%253A%252F%252Fwww.oligo.security%252... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&coo... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&co...	0 268 B	203ms 159ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLus8XtVC7OCgAAAY8tkMVVObluxKInY2kv38eFb3tqHELoB9ab2BvA6SJmt_j0TNCSE2c Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer https://www.oligo.security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Tue, 30 Apr 2024 05:53:33 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: C40D2AF1D29E436C8BB6F8BAED2E29F4 Ref B: PAR02EDGE0715 Ref C: 2024-04-30T05:53:33Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYXSf2H+HHHfGU/6zuPMQ== Redirect headers date Tue, 30 Apr 2024 05:53:33 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 5D28B919976C4F9D8F7761FAB2C3A422 Ref B: PRAEDGE0809 Ref C: 2024-04-30T05:53:33Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1714456412846&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLus8XtVC7OCgAAAY8tkMVVObluxKInY2kv38eFb3tqHELoB9ab2BvA6SJmt_j0TNCSE2c x-li-proto http/2 content-length 0 x-li-uuid AAYXSf2CtjGmpQeHXoqDzA==
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 884 B	342ms 306ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 83cea8f3-9820-4893-96df-65b6aa972266 x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 83cea8f3-9820-4893-96df-65b6aa972266 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-zwww5 access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 87c545a50a0065a5-FRA
GET H2	200	bundle.production.js Show response static.hsappstatic.net/head-dlb/static-1.694/ Frame DC07	44 KB 16 KB	72ms 31ms	Script application/javascript	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/head-dlb/static-1.694/bundle.production.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d0bbe70153215633dda1bfd95760e3696f28d0b73c8e27aa997414632da7351 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id U.KBTXrKuXvXwPpljcwPyB_z8e7Eeg3x via 1.1 709380ea5bd18c88e4b28c987d105856.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 370119 x-amz-server-side-encryption AES256 content-encoding br x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 22 Apr 2024 20:49:07 GMT server cloudflare etag W/"5fa8134b2b90d811e55a35dc07dd29a5" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dug0Bn8Qr4EsA16rjaSmIUKYAqrYcEjl6MOvBvVJ9Tkq8%2BonJpvEjOxhjMreGGOJzAskfxEdbYrbgT6Dpk8RSjqLklPBBHIB5f5SVyCm3TFQjxXQjQ7zvbsCelBdLjj7ZIt7Ohv2VovIOrRnXB2p%2BGUg8qY%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 cf-ray 87c545a51bd30375-CDG x-amz-cf-id h7ar0_BgD_kYgnqr4AhFPzw2AvoutnKbMzKD06QSOK7ivQH3kHzwzQ== expires Wed, 30 Apr 2025 05:53:32 GMT
GET H2	200	configure-monitoring-eu1.js Show response static.hsappstatic.net/MeetingsPublic/static-1.41426/html/ Frame DC07	535 B 800 B	78ms 37ms	Script application/javascript	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/MeetingsPublic/static-1.41426/html/configure-monitoring-eu1.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d12916104992a4cff8788f3595ae80a08d96017f8025d9c148d24d542954d55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id W1BPOvtEmNQbiLaleTahKayY_pogotCZ via 1.1 c71f0b857dc0e27dad67e2b7cd440f10.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 50655 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 29 Apr 2024 11:25:03 GMT server cloudflare etag W/"9497b8de03d7f70a8a19247858b9ec05" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXSN1on6J1lhG4R%2FLvU9x0P6EYjsyopcuvxX%2BJGEaSF9ZOtJYdQkNzuBB3jvQyXpQoltqvZTfxg3dKfscz3h2BU2NQpYe5ZkDiKIq1NDUEgv3ozlUZyqoeZeo%2F8rd6AygW4DSYZIXJe28KKg031hURMZEgQ%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 cf-ray 87c545a51bd40375-CDG x-amz-cf-id BWfuwb-fWhiY5B7Lrz53oRUFZZsEsNS7fTOhr1Ufoyk3iIqwwXPqjQ== expires Wed, 30 Apr 2025 05:53:32 GMT
GET H2	200	book-info-early-requester.js Show response static.hsappstatic.net/MeetingsPublic/static-1.41426/html/ Frame DC07	3 KB 2 KB	79ms 38ms	Script application/javascript	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/MeetingsPublic/static-1.41426/html/book-info-early-requester.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed82e64580bca014764019da1c773c23bfa503308446575d207c55302eb281b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 3LQoPozNGw74YBXczvAGqGBU9ghILTh5 via 1.1 709380ea5bd18c88e4b28c987d105856.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 50655 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 29 Apr 2024 11:25:03 GMT server cloudflare etag W/"d773f63bcbb21de2a87a33b3a2f2f8f6" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ligz9CdMMAQUJy6ZambZCdPTTgfXa%2BZFKLE%2FeidPxE8xdIl4bzLDm6QI4YncNLPUEWRg9tQroAbExO1yWxvpw6fsDQl0m0vJBNEuk0lq1PDbGjH7S3Fz5i57EaZMjaI211MG2KNjMbHSAhTb9asRDvF90Y%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 cf-ray 87c545a51bd50375-CDG x-amz-cf-id uXXerQ-c6d3286jnD2TyX92lvJDj80i9L5OaInfLUC_zcgCLyihvVg== expires Wed, 30 Apr 2025 05:53:32 GMT
GET H2	200	project_with_deps.css static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/ Frame DC07	184 KB 26 KB	32ms 30ms	Stylesheet text/css	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c0b94ef069925ae2b67e0f97367ac2a12facce34224a1f33ad3141e45102f77 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id I1KLfS.LWxvzpMcIVrUCXTq5coJdhV9R via 1.1 659f7e30714eec8c6be60dc1c3cca158.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop CDG52-P4 age 60897 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 29 Apr 2024 11:25:03 GMT server cloudflare etag W/"e30da7adcb5128a15e9d797cd069a41e" vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FsnqRT0N%2FFXERdqTXp2HwqSyBwNPdB5h89mD46vEO7%2FqDl4ILiie8PQZNZR6VeQEMu8%2Blj9T6ZYCglA8zZbj5mrNWtCJq9aSNFovn8lWEN9l1UebKvbCRfAjk810Kh8ysu3v1nCrssi%2FGFdhWCfPUNiIOhU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 87c545a4ebe6214f-CDG x-amz-cf-id vHnYTiptD9IoKxdWMZ2rmhJhy9yn_OQPFldhp75JTUkQuq-dRFSGZg== expires Wed, 30 Apr 2025 05:53:32 GMT
GET H2	200	bundle.production.js Show response static.hsappstatic.net/hubspot-dlb/static-1.584/ Frame DC07	300 KB 94 KB	72ms 32ms	Script application/javascript	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/hubspot-dlb/static-1.584/bundle.production.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 509a9d339ee06fb3034ec7014f5b28f2ee8ad5f8e92c0a2c23d48287e056a194 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id n794lfv7ZCL.9zgPEdj.WCP7tG.8rGdt via 1.1 b433bae8efc972ce008786192dd6db82.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 50654 x-amz-server-side-encryption AES256 content-encoding br x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 26 Apr 2024 16:18:27 GMT server cloudflare etag W/"68525d6c279c2d0fe12ba37a2e70c656" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cA%2FoApUC0zJj5VfFIW6XJg2U7pUBh7IkGCF8SdlRxI5%2BYSzDi%2BzBKsBf4odKu1E02d4hCrOfqIKAwuYKkq7GkgOZ2Oyk7M40P6IX2JAusKz7XMmelH%2FBSQYlyamuniVL9s%2BXbkpLZJPmPTonDW2i%2FyqNDv8%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 cf-ray 87c545a51bd70375-CDG x-amz-cf-id Y7HHwlU-EzH3kDC9cRZbMtfEodm7OXeSfmR2JY3eRQLU8DrIhQPjfQ== expires Wed, 30 Apr 2025 05:53:32 GMT
GET H2	200	project.js Show response static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/ Frame DC07	1 MB 350 KB	78ms 38ms	Script application/javascript	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f432fb91ea21afc365a7e4f98578b4164ab93934036329d90bbe9e9136c585f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id YKpflK2gxFEvCNB0sAMmZ1LslQgZZhIX via 1.1 5cb640bbbaa55dec4a9f2ef093c54cf4.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 50655 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 29 Apr 2024 11:25:03 GMT server cloudflare etag W/"9ee6d26dd45cb43428a9a36182755407" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJFpPUK3u3KyXXQqu5%2Bu8ujIbOH7vma1pLCxIt2xqYNuvXKz%2B%2BKdJHG3velZVTb945E1BHYvYcHe2XNenOfJ%2Fwb5FiwKODaFnKumT8WyFuGYFKQUCaj1p8vQU1zF%2BirOlEeoc0SkSDEMgAsFjakeKc%2BinBY%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 cf-ray 87c545a51bd60375-CDG x-amz-cf-id jrf6XJgHbw7zf1FTjjGzpCvNxp8NTAPQ1QF60sRfmgr5ithjpFusPQ== expires Wed, 30 Apr 2025 05:53:32 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame F08A	2 KB 852 B	98ms 36ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap Requested by Host: js-eu1.hsforms.net URL: https://js-eu1.hsforms.net/forms/embed/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0ad451e8b28ec1e09590b92eff4648c1c79e5b369608d4331fc62745859a3fa8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 30 Apr 2024 05:53:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 30 Apr 2024 05:09:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Apr 2024 05:53:33 GMT
GET H2	200	api.min.css a.omappapi.com/app/js/	10 KB 3 KB	29ms 29ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.css Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT content-encoding br cdn-edgestorageid 1082 perma-cache HIT cdn-storageserver DE-663 cdn-cachedat 04/30/2024 03:26:34 cdn-pullzone 293267 last-modified Mon, 15 Apr 2024 18:02:32 GMT server BunnyCDN-DE1-1080 cdn-fileserver 728 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"661d6bb8-2644" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 76dd7976d38c261cd1c38b59474d3bcf cdn-requestcountrycode FR access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	401	317569 Show response api.omappapi.com/v2/embed/	165 B 592 B	232ms 167ms	XHR application/json	2606:4700:3108::ac42:2908 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/317569?d=oligo.security Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2908 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT via 1.1 1c3fd360f9180df951de65a1652b5b5a.cloudfront.net (CloudFront) cf-cache-status DYNAMIC x-cache-config 0 0 x-amz-cf-pop CDG53-C1 x-cache Error from cloudfront content-length 165 x-user-agent standard-- server cloudflare vary Accept-Encoding, User-Agent content-type application/json access-control-allow-origin * cache-control public, max-age=120, stale-while-revalidate=1800 cf-ray 87c545a57a699ed7-CDG access-control-allow-headers X-CSRF-Token x-amz-cf-id heJd14YySr5rEOLJT7bdslZRy6tc6rki2RanfRhtW_bguSaQprH42A== expires Tue, 30 Apr 2024 05:55:33 GMT
GET DATA	200 OK	truncated /	27 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1aad639db4761313e379313bd160db8383ba569f5ad869320b399168890ba716 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	20 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a17dafd72b90f331e2c2b39725103c86e28f248432afe0eca3367a403192f9af Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	28 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d64bfd2f19b569cb9b9ad4c9f3183e097378cdc24863c0fb380d4e8dcd702b24 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	37 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56f89b529d3ae32e7ba6175c30c1d04c7df4f4ea67bb7b5ed0f160ca87e00e1e Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	33 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc0aaecc5bd879dc1c14c28524bbdc9dd9e3254ee383156709d073b50135ba65 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	27 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 16b27d1adef67c2363ff3b3af1b8439efdf36f57fc30aed6f3f7aaa59edd31d2 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	43 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 966f96ad4d511b3b134817e612cd8efa16d4ba693dacb7bba5522807d664c078 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	25 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65bd183a8e6b6e87555bb7aad153c7b18c9edb58b4daba4b265345dda21a9c91 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	27 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f8e1a9995baf1e6cf3208860c38185eb6c78cd1a0bbda27c82b01caa1ec9ad1e Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	49 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b5f6a87cbf95c32bf63d3903a55530a886750b8ca02ad3548604b3cc73da2d6 Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	counters.gif forms-eu1.hsforms.com/embed/v3/	35 B 1 KB	409ms 52ms	Image image/gif	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 30 Apr 2024 05:53:33 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status DYNAMIC x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id 2b521d03-ea0f-4370-977f-767997db666f x-envoy-upstream-service-time 6 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 2b521d03-ea0f-4370-977f-767997db666f Server cloudflare Vary origin Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-7c766895b4-6k94s Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false X-Robots-Tag none CF-RAY 87c545a78e3c1e4c-FRA
GET H2	200	book Show response api-eu1.hubspot.com/meetings-public/v3/ Frame DC07	16 KB 4 KB	678ms 579ms	XHR application/json	172.65.202.85 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-eu1.hubspot.com/meetings-public/v3/book?slug=mktg%2Fshadowray&now=1714456413049&includeInactiveLink=true&location=go.oligo.security&hubspotUtk=6e5564ef82c1604c11eeaf011aa45999&timezone=Europe%2FParis&parentCosPageUrl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&hs_static_app=MeetingsPublic&hs_static_app_version=1.41426&clienttimeout=12000 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/head-dlb/static-1.694/bundle.production.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 662619a81eadc64d18e49a4f045f0664bdff3d20dc1f44a2b64e76324a63d6ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/javascript, */*; q=0.01 Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 4526a47a-6916-442e-bb2c-7cda1f8dd94d content-encoding br x-envoy-upstream-service-time 457 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 4526a47a-6916-442e-bb2c-7cda1f8dd94d server cloudflare vary origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQyygmGR3EP88ywPJP37nFwvx0HgUZB9hBN8Z1KtZyVvsWLKlBVBk%2BU%2Fqtx5hxUzEHRCqrG3%2FIK8HkU8htBkSDrK3ZiXeaCCUX%2F3NUbzhmIh607P382o8FZgxpcSwqNJvMAXmUw%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://go.oligo.security x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-68d6f869c4-xvp7b access-control-allow-credentials false cf-ray 87c545a65ea02beb-FRA access-control-allow-headers Content-Type, X-HubSpot-Static-App-Info
GET H2	200	json Show response forms-eu1.hscollectedforms.net/collected-forms/v1/config/	116 B 460 B	70ms 51ms	XHR application/json	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26088573&utk= Requested by Host: js-eu1.hscollectedforms.net URL: https://js-eu1.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id f6a2ac8f-571d-4bce-84f5-3d525e0ebc0e x-envoy-upstream-service-time 14 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f6a2ac8f-571d-4bce-84f5-3d525e0ebc0e server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.oligo.security x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-4sw8g access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 87c545a5fa525b32-FRA
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/ Frame F08A	8 KB 8 KB	89ms 26ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 11:24:56 GMT x-content-type-options nosniff age 325717 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Apr 2025 11:24:56 GMT
GET H2	200	cf-location Show response js-eu1.hs-banner.com/v2/	6 B 149 B	69ms 27ms	Fetch text/plain	172.65.202.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-banner.com/v2/cf-location Requested by Host: js-eu1.hs-banner.com URL: https://js-eu1.hs-banner.com/v2/26088573/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a41c8a6265bcf79c1dd3ea6af9f96eeeafcac1ff7070d31a78c43ba5923b5766 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private, max-age=1500 cf-ray 87c545a61a77d29b-CDG content-length 6
GET H2	200	v2.js Show response js-eu1.hsforms.net/forms/embed/ Frame 8470	482 KB 0	0ms 0ms	Script application/javascript	172.65.255.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsforms.net/forms/embed/v2.js Requested by Host: js-eu1.hsforms.net URL: https://js-eu1.hsforms.net/forms/embed/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 218 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87c5404c795e5b4a-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"b0047a8901d8ed9f81db3dcb5982114e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5064/bundles/project-v2.js date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR via 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 603b090d-147a-4dbe-ba01-a6d8c48fe6cb x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 7 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 603b090d-147a-4dbe-ba01-a6d8c48fe6cb last-modified Wed, 03 Apr 2024 11:15:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSlr%2FSv8%2BW0nXMVDHOTOMPRXoRcsU6ENgJOL2N2hPQ8kpG905EEPrD8V%2BnMy5hwNI6wluykVs2cFHeAq5dwZb8glBYidm9OuJo9ZK1WAc%2Fj6LKw8ZNKf6Fbds7Xr2l24xAgKCA%3D%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk cf-ray 87c545a14e7571bf-FRA x-amz-cf-id LIXJH-Fwytgu91CR4LrPPUJxkgQz9draJ6b3vIDybZN60pLxRIh8Ew==
GET H2	200	css2 fonts.googleapis.com/ Frame 8470	2 KB 0	98ms 36ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap Requested by Host: js-eu1.hsforms.net URL: https://js-eu1.hsforms.net/forms/embed/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0ad451e8b28ec1e09590b92eff4648c1c79e5b369608d4331fc62745859a3fa8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 30 Apr 2024 05:53:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 30 Apr 2024 05:09:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Apr 2024 05:53:33 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/ Frame 8470	8 KB 0	89ms 26ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Response headers date Fri, 26 Apr 2024 11:24:56 GMT x-content-type-options nosniff age 325717 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Apr 2025 11:24:56 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/ Frame 8470	8 KB 8 KB	26ms 25ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://www.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 22:07:27 GMT x-content-type-options nosniff age 287166 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:01:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Apr 2025 22:07:27 GMT
GET H2	200	spacesword-low.woff2 static.hsappstatic.net/icons/static-2.564/fonts/ Frame DC07	49 KB 49 KB	29ms 28ms	Font application/font-woff2	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/icons/static-2.564/fonts/spacesword-low.woff2 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42d141278079290804718e929392137f7fbbdfe350394babf5322c75a63b688f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT x-amz-version-id hXTwL1KpadJZFoUlQVVifd6c5LI_W03z via 1.1 ed71207163e5f09b65cf445d148a3832.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 1378595 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 50036 last-modified Thu, 28 Mar 2024 18:31:16 GMT server cloudflare etag "ae0299894be58b03118e0fb449b0b19b" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZCNJdbBzjtqWETpSBsPGijDV3irCnpHhTB7guLWPGOxCBrNCitkd26aoH6JtG5oYPJEsg8X6VOXVlNp7ATPHSktGbIe1SbaRs6Dw%2F%2BW%2BixWlXLovT3TfpVY2iycM%2BG5JRTiP5kI%2Bw9JVMBnc0BIyV9qDdRg%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 accept-ranges bytes cf-ray 87c545a73d010375-CDG x-amz-cf-id H7D68bxFDut8YRCxMxR3HYB8he2DKErnT8two00UsSra98BKZvAjEQ== expires Wed, 30 Apr 2025 05:53:33 GMT
GET H2	200	LexendDeca-Light.woff2 static.hsappstatic.net/ui-fonts/static-1.315/fonts/ Frame DC07	28 KB 29 KB	30ms 30ms	Font application/font-woff2	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/ui-fonts/static-1.315/fonts/LexendDeca-Light.woff2 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e07659d8ab7dcada320134e744176947ca18e9e1cd094081764c1d0cd9af1b7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT x-amz-version-id 6nccCarBXs0h7rJqcfzi7C5I.JaQfjH3 via 1.1 69b4ccb4caed8bb6a3a45a0df08d1446.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop CDG52-P2 age 1200211 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 29088 last-modified Thu, 28 Mar 2024 18:31:34 GMT server cloudflare etag "f4369286388c3db9746601597e9ddb27" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8BpWiOb2%2BYeZM6nWQ%2FWFYatFY1wqXZFpvPc8P7h7Bp72tm1H7lxOsEVJWWGj5ejc4OpRgpPWNErzhNgPGXGkXNEH10DE0NnNN3lD5ge4nd%2F%2FZ%2BkmIhoxjYYT4rmtFBo3tY0lQHjP%2FkuBG3VLtRELg1LeGY%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 accept-ranges bytes cf-ray 87c545a73d020375-CDG x-amz-cf-id CcvZl2MCRoqzOAXArD95TGIdlD-47AW05CkOHxxMqeNHwRraml5c0g== expires Wed, 30 Apr 2025 05:53:33 GMT
GET H2	200	json Show response api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	114 B 1 KB	102ms 53ms	XHR application/json	2a06:98c1:3200::90:1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=26088573 Requested by Host: js-eu1.hsadspixel.net URL: https://js-eu1.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6db7b2c241104c68064ee3e78c314510984ab6d446e4096acca7d5e7a499522 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 868fab86-7957-457d-80b6-b3dd82e2cca8 content-encoding br x-envoy-upstream-service-time 8 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 868fab86-7957-457d-80b6-b3dd82e2cca8 server cloudflare vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.oligo.security x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials false x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-68d6f869c4-zxr99 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31rfimmOTG87qyN8SvHKaBlvlHVfh%2BP%2B9CUq4WO8lmh25CAMXo9IDqsFV4NiMiOxnrRFk3aQNugyQvWmt05f7R6uUse2wig8X9qTn75FVCzdk5Ts29mdWx1CsM09zdwQF7R%2Fj3lGetxEjHHBq%2Bdo0A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 87c545a77ad29e7b-CDG access-control-allow-headers *
GET H2	200	combinedConfigs Show response cta-eu1.hubspot.com/web-interactives/public/v1/embed/	433 B 2 KB	114ms 63ms	Fetch application/json	172.65.198.159 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cta-eu1.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=26088573&currentUrl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild Requested by Host: js-eu1.hubspot.com URL: https://js-eu1.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.198.159 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 2433bcbf-644a-46c0-bc50-5aaa388dca99 content-encoding br x-envoy-upstream-service-time 15 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 2433bcbf-644a-46c0-bc50-5aaa388dca99 server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.oligo.security x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewYEkLvy01DwDtEMBQuRbrl%2BXak0a9lfEpYqjjpm1JLxuEZKAnLgMeQ6uozThHHZTJWSK0vaHIeB49XsxBRxJd3%2BWhjU4BeteE8Yz5T8kDHuSzEUwQ6eI3YSmX0R430rczFykxU%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 87c545a78bb3f118-CDG x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-7c766895b4-6k94s
GET H2	200	nr-spa-1216.min.js Show response js-agent.newrelic.com/ Frame DC07	49 KB 19 KB	63ms 17ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1216.min.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Security Headers Name Value Strict-Transport-Security max-age=300 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id MElzWumrf8lREc3kORDlSWHVtEZAK4m8 content-encoding br via 1.1 varnish date Tue, 30 Apr 2024 05:53:33 GMT strict-transport-security max-age=300 x-amz-request-id 4WAY8AB5FKTR0ED2 x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 19141 x-amz-id-2 QCpWEKCB2iEDWQIJraC+vPkDEkkAQRGotqP1nJuJIB69TnU7oQgBWZgKQ+FJ43Xozz0w242K5kdkawGizuRORMDxh6IgBO/7 x-served-by cache-lcy-eglc8600079-LCY last-modified Wed, 18 Oct 2023 21:31:16 GMT server AmazonS3 etag "63e2df852d15ab21d7ff8fc4363222e8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 100754
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 0	0ms 0ms	Script application/javascript	2a02:26f0:3500:16::215:148d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js-eu1.hsadspixel.net URL: https://js-eu1.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9941d2ff1cc99d68acf87db2bf00d461644f6a6f222af62c2fba71be5a97b447 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-edgeconnect-origin-mex-latency 160 date Tue, 30 Apr 2024 05:53:32 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 29 Apr 2024 18:02:39 GMT x-cdn AKAM x-edgeconnect-midmile-rtt 0 x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=43742 accept-ranges bytes content-length 17091
GET H/1.1	200	f9d051f404 Show response bam-cell.nr-data.net/1/ Frame DC07	79 B 579 B	317ms 234ms	Script text/javascript	162.247.243.30 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1032&ck=1&ref=https://go.oligo.security/meetings/mktg/shadowray&be=674&fe=957&dc=903&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1714456412391,%22n%22:0,%22f%22:14,%22dn%22:379,%22dne%22:379,%22c%22:379,%22s%22:397,%22ce%22:427,%22rq%22:427,%22rp%22:486,%22rpe%22:491,%22dl%22:532,%22di%22:903,%22ds%22:903,%22de%22:903,%22dc%22:956,%22l%22:957,%22le%22:958%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:false,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:true,%22conditionalPolyfillsInstalled%22:false,%22package%22:%22MeetingsPublic%22,%22packageVersion%22:%221.41426%22,%22template%22:%22public-eu1.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22scriptStartTime%22:657.8000030517578,%22appStartTime%22:797.0999984741211,%22i18nTime%22:802.0999984741211,%22i18nLangLocale%22:%22en-us%22,%22i18nDateNumFormat%22:%22en-us%22,%22isNewI18nLoader%22:true,%22bookInfoFetchPreRender%22:false,%22meetingsLibVersion%22:%22static-2.38809%22,%22reactRhumbVersion%22:%221.10496%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22%7D&jsonp=NREUM.setToken Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.30 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/javascript access-control-allow-origin * access-control-expose-headers Date access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive timing-allow-origin * Content-Length 79 x-served-by cache-lcy-eglc8600046-LCY
GET H/1.1	200 OK	counters.gif perf-eu1.hsforms.com/embed/v3/	35 B 1 KB	313ms 233ms	Image image/gif	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1 Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 30 Apr 2024 05:53:33 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status MISS x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id 84c24a28-e8da-496d-a3cf-ff4cc11da84d x-envoy-upstream-service-time 5 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 84c24a28-e8da-496d-a3cf-ff4cc11da84d Last-Modified Tue, 30 Apr 2024 05:53:33 GMT Server cloudflare Vary origin, Accept-Encoding Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-7c766895b4-wbjv5 Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false Accept-Ranges bytes X-Robots-Tag none CF-RAY 87c545a87b18019c-CDG
GET H2	200	user Show response api-eu1.hubspot.com/meetings-public/v1/book/ Frame DC07	216 B 852 B	62ms 62ms	XHR application/json	172.65.202.85 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-eu1.hubspot.com/meetings-public/v1/book/user?hs_static_app=MeetingsPublic&hs_static_app_version=1.41426&includeInactiveLink=true&slug=mktg%2Fshadowray Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/head-dlb/static-1.694/bundle.production.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52718b3f073ab2b34a8205c4df3963c4a0e7a43789db9db8408b15e5b4bd1bdf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/javascript, */*; q=0.01 Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 725f2bf0-ff6e-42c0-b994-3eadf8783b10 content-encoding br x-envoy-upstream-service-time 9 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 725f2bf0-ff6e-42c0-b994-3eadf8783b10 server cloudflare vary origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQXSq83GBtqmcnWuvhQhKgWvxbe0ryvI8g2sh8kBgbIk%2BjSPjg2yVzv8tNszfOL2CI9X5OqVV1AOvtSxqHghLd%2BPjbvdlV6IAfVmhd45v9HiWVSe7PsNumiy%2BsFFKv6otLbMwXw%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://go.oligo.security x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-68d6f869c4-n4jzc access-control-allow-credentials false cf-ray 87c545aa09802beb-FRA access-control-allow-headers Content-Type, X-HubSpot-Static-App-Info
POST H/1.1	200	f9d051f404 Show response bam-cell.nr-data.net/events/1/ Frame DC07	24 B 344 B	106ms 106ms	XHR image/gif	162.247.243.30 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/events/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1368&ck=1&ref=https://go.oligo.security/meetings/mktg/shadowray Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/head-dlb/static-1.694/bundle.production.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.30 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 30 Apr 2024 05:53:33 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type image/gif access-control-allow-origin https://go.oligo.security access-control-allow-credentials true Connection keep-alive Content-Length 24 x-served-by cache-lcy-eglc8600046-LCY
GET H2	200	26088573.js Show response js-eu1.hs-scripts.com/ Frame DC07 Redirect Chain https://js.hs-scripts.com/26088573.js?analyticsCommon=true&disableCollectedForms=true https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true	2 KB 817 B	78ms 78ms	Script application/javascript	172.65.208.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true Protocol H2 Server 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfc9087a8b5c756943851f26d6b2d9a17ff34f64aaa49ac2e4168a9f39994e5c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer https://go.oligo.security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Tue, 30 Apr 2024 05:53:34 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0b2affd6-3c78-4733-a8a6-9d1a5fc7452c x-envoy-upstream-service-time 19 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0b2affd6-3c78-4733-a8a6-9d1a5fc7452c last-modified Tue, 30 Apr 2024 03:38:43 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://go.oligo.security x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-68d6f869c4-p7gp2 access-control-allow-credentials true cf-ray 87c545accf4903fd-CDG Redirect headers date Tue, 30 Apr 2024 05:53:34 GMT x-content-type-options nosniff cf-cache-status MISS x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 44b83960-5cdc-46c1-8cfc-5e80ecad32c8 x-envoy-upstream-service-time 2 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 44b83960-5cdc-46c1-8cfc-5e80ecad32c8 server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 location https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true access-control-allow-origin https://go.oligo.security x-evy-trace-virtual-host all access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-cdqsj cache-control public, max-age=90 cf-ray 87c545ab0d0d9edc-CDG expires Tue, 30 Apr 2024 05:55:04 GMT
GET H2	200	LexendDeca-Medium.woff2 static.hsappstatic.net/ui-fonts/static-1.315/fonts/ Frame DC07	29 KB 29 KB	30ms 30ms	Font application/font-woff2	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/ui-fonts/static-1.315/fonts/LexendDeca-Medium.woff2 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28e859a343b92d20c6a2fa4424bbdf166ea01d0f479d719823d68872d68103cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT x-amz-version-id t47xrrW9hKhbxucq7ExoE59ZaSdkJRzP via 1.1 c71f0b857dc0e27dad67e2b7cd440f10.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 2292654 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 29452 last-modified Thu, 28 Mar 2024 18:31:34 GMT server cloudflare etag "b8a544816ba2b3956f03a168d5001e5f" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtDUBeWGLZrvI2x1pZ6rk0vvvULEDQMA45zvBF72ATv8wMhZqIhtdILXEVlaPush7hxS1RiMxDj6MoooASwDeOchdUVCrtpqOgM9W6C0ZGhssALkRNEPIwg0%2FDVHh1VZBNlkW4Kcvz9bjuHkl0rcNZ0vfXw%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 accept-ranges bytes cf-ray 87c545aaef540375-CDG x-amz-cf-id zdbf2_En1Zz73KlqX7U9BecqPeyk9rPghYuknFy_FqXsS0EBMdCxew== expires Wed, 30 Apr 2025 05:53:33 GMT
GET H2	200	LexendDeca-SemiBold.woff2 static.hsappstatic.net/ui-fonts/static-1.315/fonts/ Frame DC07	29 KB 30 KB	31ms 31ms	Font application/font-woff2	2606:4700::6811:ac5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/ui-fonts/static-1.315/fonts/LexendDeca-SemiBold.woff2 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1c036584fd4b67f626534b37eef7a19ecf8954e478e78d0329248f2286126e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project_with_deps.css Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT x-amz-version-id H25xVUVFxCPamQXh5YExrFMcPcediaor via 1.1 927285687bace94d90da4630edce9fec.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop TLV50-C2 age 2292653 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 29604 last-modified Thu, 28 Mar 2024 18:31:34 GMT server cloudflare etag "1a6b3ef841e99bc026b66072be732cbb" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXDLxTpiZPAPfmzKfRKHGAGZ%2BanHPo8MNDJl2Jatl0K7iywJQLOQIOFC6U39mGcll%2FLBTBA52wbCByGlGzUjyBkQd6HyF6bhHxnsBOiE6Syax3%2Fh1Hb5P8i7fCrjv5B6DqFRC8zE5nVuuki5retXn2d3FwU%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method cache-control public, max-age=31536000 accept-ranges bytes cf-ray 87c545aaef550375-CDG x-amz-cf-id W3XgzsCmUvzLTfU5_0n4Aw2A4giHa53dsjT8n5PCxCEyRb1XMmLCfQ== expires Wed, 30 Apr 2025 05:53:33 GMT
POST H2	204	rhumb app.hubspot.com/api/cartographer/v1/ Frame DC07	0 1 KB	196ms 141ms	Ping text/plain	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=MeetingsPublic&hs_static_app_version=1.41426 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/MeetingsPublic/static-1.41426/bundles/project.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 30 Apr 2024 05:53:34 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c1bf303c-4ee2-4eba-bcf8-23920d58ce11 x-envoy-upstream-service-time 12 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c1bf303c-4ee2-4eba-bcf8-23920d58ce11 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IwuuTcqtctbTop3X%2BcWCmGXxYxwTHA9iWENrlRnCj97jybRf9iWjxPUwsASBu48uNilzb98vW8WCD0GP%2BM68MULnIP%2BDtVq0umKrLXAKnq%2BuyObFS5ejR54Nq6WsTMY1e%2BPRsx7UNQcqjurwzw%3D%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-fpdfw x-evy-trace-virtual-host all access-control-allow-credentials false cf-ray 87c545ab4a6bd548-CDG
GET H2	200	Group%2062468533-1.png 26088573.fs1.hubspotusercontent-eu1.net/hubfs/26088573/ Frame DC07	52 KB 53 KB	209ms 152ms	Image image/webp	2a06:98c1:3200::90:0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://26088573.fs1.hubspotusercontent-eu1.net/hubfs/26088573/Group%2062468533-1.png Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3200::90:0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 985e61deda594c7d9cc6298db36f37140a83a8b3989fddee62a36c50bb881b7c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-meta-cache-tag F-80156383970,P-26088573,FLS-ALL age 2282810 x-amz-request-id 7DSY10GZ3RN6V2CN x-amz-server-side-encryption AES256 edge-cache-tag F-80156383970,P-26088573,FLS-ALL x-amz-replication-status COMPLETED content-disposition inline; filename="Group%2062468533-1.webp" x-hs-cf-lambda us-east-1.SetCacheTagHeaders 4 cf-bgj imgq:85,h2pri etag "642d21eeb0463e0ff8fa9d22b8e5d623" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * x-amz-meta-created-unix-time-millis 1695294412410 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-robots-tag none date Tue, 30 Apr 2024 05:53:34 GMT via 1.1 7fc41227386600a12b18801d6d174000.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-version-id 6JIWfyUuijqDorCmA6COSvbapfPgRNlZ x-amz-cf-pop CDG50-C2 x-hs-alternate-content-type text/plain cf-polished origFmt=png, origSize=104475 x-cache RefreshHit from cloudfront cache-tag F-80156383970,P-26088573,FLS-ALL x-amz-meta-index-tag none x-amz-storage-class INTELLIGENT_TIERING content-length 53100 x-amz-id-2 EKcJYvle+Zdex4GAaDlisoCTjXHmNMH0Vi8W5PtHp3LAJ2tmpxnTmXd2vtc223+OPO1Hnwe1t80= last-modified Thu, 21 Sep 2023 11:06:53 GMT server cloudflare accept-ranges bytes cf-ray 87c545ab4f106985-CDG timing-allow-origin 26088573.fs1.hubspotusercontent-eu1.net x-amz-cf-id CyYnezlpu8GMdaE_UOYG8C6CsYcSg00lbCurkg2bLBFK-9lk6tIYCQ==
GET H3	200	zi-tag.js Show response js.zi-scripts.com/	9 KB 3 KB	75ms 40ms	Script application/javascript	104.18.37.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/zi-tag.js Requested by Host: www.oligo.security URL: https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7914b5c306a51678e7d777317f64c95d31437c47344063ec422c6bb2b4d9d718 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT x-amz-version-id dVMibCEMTCuxskBoUeMfPfbdoSsUE0a9 content-encoding gzip cf-cache-status DYNAMIC via 1.1 98856bd09231d01c667222ebf203b580.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P1 age 85828 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 17 Apr 2024 10:26:25 GMT server cloudflare etag W/"20a410e0e98a302abb9e907a2c7e0d10" vary Accept-Encoding content-type application/javascript cf-ray 87c545ab7dea22ac-CDG x-amz-cf-id 2bDE05DrUjHn3l40jVg3Zhybsv9mKbRa4eS1JNVelPpu4cXWHJsEHA==
GET H2	200	blockedDomains.json Show response hubspotonwebflow.com/assets/js/	98 KB 23 KB	93ms 92ms	Fetch application/json	76.76.21.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hubspotonwebflow.com/assets/js/blockedDomains.json Requested by Host: hubspotonwebflow.com URL: https://hubspotonwebflow.com/assets/js/form-124.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id cdg1::tlnsp-1714456413972-46cbb0734b6d age 991279 x-matched-path /assets/js/blockedDomains.json etag W/"04708d47dd194d37b8231a65de7a66f1" x-vercel-cache HIT content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="blockedDomains.json"
GET H2	200	__ptq.gif track-eu1.hubspot.com/	45 B 745 B	134ms 71ms	Image image/gif	172.65.240.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=4046427330&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&t=ShadowRay%3A+First+Known+Attack+Campaign+Targeting+AI+Workloads+Exploited+In+The+Wild&cts=1714456413956&vi=6e5564ef82c1604c11eeaf011aa45999&nc=true&u=263486035.6e5564ef82c1604c11eeaf011aa45999.1714456413954.1714456413954.1714456413954.1&b=263486035.1.1714456413953&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id db4beb69-2a07-4163-a7a1-64fb08c405e1 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 2 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id db4beb69-2a07-4163-a7a1-64fb08c405e1 last-modified Tue, 30 Apr 2024 05:53:34 GMT server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6vLW3f%2B2YtG681NFY3NXB%2BdC2y%2F2e3TgQ8RXTc6LN8Uf4Ic1pUzHctoprLBKOqVcv6bmCAi2MpdcuMfZuga2EiYrYhxpuieQFFZMKBjlQmWma7YGAVi3%2FMRdg9mykGQ53z%2FzdOg4w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod fra04/analytics-tracking-td/envoy-proxy-5dfb646764-x4ks5 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false accept-ranges bytes cf-ray 87c545abb8ef8f39-FRA x-robots-tag none
GET H2	200	__ptq.gif track-eu1.hubspot.com/	45 B 640 B	127ms 68ms	Image image/gif	172.65.240.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=124733a1-1952-419d-808a-0ff59ea44829&fci=880849ff-81b6-4457-a8dc-cd080fffc578&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=4046427330&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&t=ShadowRay%3A+First+Known+Attack+Campaign+Targeting+AI+Workloads+Exploited+In+The+Wild&cts=1714456413958&vi=6e5564ef82c1604c11eeaf011aa45999&nc=true&u=263486035.6e5564ef82c1604c11eeaf011aa45999.1714456413954.1714456413954.1714456413954.1&b=263486035.1.1714456413953&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id ca627401-8abe-4bbd-9f1a-f1a48168f169 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 2 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id ca627401-8abe-4bbd-9f1a-f1a48168f169 last-modified Tue, 30 Apr 2024 05:53:34 GMT server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xU1UAGXliBFcBFV%2B30v253v%2FYjzZoT4Nh6hxT28R0HKRVe8BDl7IUYaHP0TALVVzMbjyQgOprNAH0ip7%2BrUUt8%2B71%2BgxRBpd0LkEForhQI8%2Fmjioj9OEBrkTrgwDXkx3vmX9OLbJ2A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod fra04/analytics-tracking-td/envoy-proxy-5dfb646764-hv46s x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false accept-ranges bytes cf-ray 87c545abb8f38f39-FRA x-robots-tag none
GET H2	200	__ptq.gif track-eu1.hubspot.com/	45 B 1 KB	123ms 67ms	Image image/gif	172.65.240.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=124733a1-1952-419d-808a-0ff59ea44829&fci=f6e2988d-459c-4e87-adfa-de6af8cec324&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=4046427330&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&t=ShadowRay%3A+First+Known+Attack+Campaign+Targeting+AI+Workloads+Exploited+In+The+Wild&cts=1714456413960&vi=6e5564ef82c1604c11eeaf011aa45999&nc=true&u=263486035.6e5564ef82c1604c11eeaf011aa45999.1714456413954.1714456413954.1714456413954.1&b=263486035.1.1714456413953&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id bea0bf8d-da11-489a-b318-08a32d48711a p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 3 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id bea0bf8d-da11-489a-b318-08a32d48711a last-modified Tue, 30 Apr 2024 05:53:34 GMT server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDHvp0rd%2B3ROHi6YepjHoz8%2B3098kszJBtxHRkAQSNR6NNxfL4vO7fK%2Fa8iGcA7aJma7SRN%2BZDrqZqjV53TUOZzc9pThkOc3RKZWikhrAhfZk6%2BkQfrLOS6BVejXoHD%2F4xugzpRZsA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod fra04/analytics-tracking-td/envoy-proxy-5dfb646764-l4vbx x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false accept-ranges bytes cf-ray 87c545abb8f58f39-FRA x-robots-tag none
GET H2	200	63dc074f6af3bb5b1e2372d5_oligo%20fav.png assets-global.website-files.com/63dbb928e89213590c5bfd53/	2 KB 2 KB	34ms 34ms	Other image/png	2600:9000:21f3:be00:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/63dbb928e89213590c5bfd53/63dc074f6af3bb5b1e2372d5_oligo%20fav.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:be00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a631b98851a92a2e0ffc0fa9961da6bbfece0f39859eb5b277d480d00ad91213 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Jan 2024 12:24:34 GMT x-amz-version-id HYzzYXk1pypj2EJwX_bz3I5N9QJx1TVy via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) age 9134939 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1773 last-modified Thu, 02 Feb 2023 18:56:16 GMT server AmazonS3 etag "09dfdb41113621bb613ae22cfd1cb31d" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 1aexcCLivUf3byYsVpDNDM4i2od7UbqkkgkIe87ltzWSw0f8DWAIxw==
GET H3	200	getSubscriptions Show response js.zi-scripts.com/unified/v1/master/	150 B 519 B	200ms 199ms	Fetch application/json	104.18.37.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1da68656f17af608f1c37bf579ab5f9abf7415b5a72c280b1b36936c7e7b8fbd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer 6e8d2b53411682427948 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Referer https://www.oligo.security/ visited_url https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Response headers date Tue, 30 Apr 2024 05:53:34 GMT via 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront) content-encoding gzip cf-cache-status DYNAMIC x-amz-cf-pop FRA56-P4 x-powered-by Express x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 apigw-requestid XBoWyibcvHcEPUg= server cloudflare etag W/"96-Gpf98PKysMwXId8Wsw8RxRn+O3g" content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cf-ray 87c545ad3bbf1c40-FRA x-amz-cf-id -xaZ2u39CkmXUadLttaWZrccNlVcIHLnEIVX0QoilB47Cw2t56ikeQ==
OPTIONS H3	204	getSubscriptions js.zi-scripts.com/unified/v1/master/ Frame	0 0	237ms 204ms	Preflight	104.18.37.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,visited_url Access-Control-Request-Method GET Origin https://www.oligo.security Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * access-control-max-age 0 alt-svc h3=":443"; ma=86400 apigw-requestid XBoWwjSTvHcEPYw= cf-cache-status DYNAMIC cf-ray 87c545abf9fb1c40-FRA date Tue, 30 Apr 2024 05:53:34 GMT server cloudflare vary Access-Control-Request-Headers via 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront) x-amz-cf-id X_EysG-dNwzlKi5JURyT-zYNG_S4wKj7EelAlrhbIkgpJU4JTfzQGA== x-amz-cf-pop FRA56-P4 x-cache Miss from cloudfront x-powered-by Express
GET H2	200	common.js Show response js-eu1.hs-analytics.net/analytics/1714456200000/ Frame DC07	66 KB 21 KB	37ms 35ms	Script text/javascript	172.65.238.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-analytics.net/analytics/1714456200000/common.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77f57eeecd39bde2834496dafb1bde29a6b6ad2e1e79ba1aeb39f79d90502094 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT content-encoding br cf-cache-status HIT x-amz-request-id FD51MF7YRQ7FZZ5J x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 0e862cae-339e-4c0c-a00d-da5087467003 age 211 x-envoy-upstream-service-time 29 x-amz-id-2 rNvxHgvOmKkXzw/8tXXk5UH/6uFu8Gv6IBCmqcjCSU4rCFdyCD3L62LZZzWK32W0DCL7MpuCabM= x-evy-trace-listener listener_https x-request-id 0e862cae-339e-4c0c-a00d-da5087467003 x-evy-trace-route-configuration listener_https/all last-modified Wed, 24 Apr 2024 18:12:12 GMT server cloudflare etag W/"1870d24fa009b5c6dcff312597b7b091" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-zqbj9 cache-control max-age=300,public access-control-allow-credentials false cf-ray 87c545ad4bfe6973-FRA expires Tue, 30 Apr 2024 05:55:03 GMT
GET H2	200	fb.js Show response js-eu1.hsadspixel.net/ Frame DC07	6 KB 0	0ms 0ms	Script application/javascript	172.65.219.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsadspixel.net/fb.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c67d8ce90160a6586cfd2c2a936959738f5b1843ebdfbac4325c4d1a9b61224 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id H75lIw.llLd5LbqLQfJpi4qQ6NOhCtlN via 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop FRA60-P6 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 091acf01-d92f-4f2a-9337-a2bc02a72693 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.551/bundles/pixels-release.js&cfRay=87c53cc29e9c92b9-FRA x-cache Hit from cloudfront cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br age 363 x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 091acf01-d92f-4f2a-9337-a2bc02a72693 last-modified Fri, 19 Apr 2024 14:01:51 UTC server cloudflare etag W/"65a4cdf8f8c613ea8f766101eea8e667" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-4sw8g cf-ray 87c545a4f9af30cf-FRA x-amz-cf-id wQlE6KMsBKtFiaVqRE-ZzECPpk-rLmea4-mEhnScHBfICXW4PIAwWQ== x-hs-target-asset adsscriptloaderstatic/static-1.551/bundles/pixels-release.js
POST H2	204	report send.hsbrowserreports.com/csp/ Frame DC07	0 410 B	97ms 94ms	Other text/plain	35.153.195.116 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://send.hsbrowserreports.com/csp/report?resource=MeetingsPublic/static-1.41426/html/public-eu1.html&cfRay=87c545a4301d3cbd&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fmeetings%2Fmktg%2Fshadowray%3Fembed%3Dtrue%26parentHubspotUtk%3D6e5564ef82c1604c11eeaf011aa45999%26parentPageUrl%3Dhttps%3A%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild&referrer=https%3A%2F%2Fwww.oligo.security%2F&cfenv=prod&pdt=2024-04-30&csp=ro Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.153.195.116 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-153-195-116.compute-1.amazonaws.com Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 30 Apr 2024 05:53:34 GMT x-content-type-options nosniff server envoy x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0628636f-1eba-4698-82b7-e7187ba20148 vary origin x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/browser-reports-td/envoy-proxy-7c868d5754-sjb5g access-control-allow-credentials false x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0628636f-1eba-4698-82b7-e7187ba20148
GET H2	200	web-interactives-embed.js Show response js-eu1.hubspot.com/ Frame DC07	82 KB 917 B	50ms 48ms	Script application/javascript	172.65.236.181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hubspot.com/web-interactives-embed.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8903e555bd60b3e66725a7316fa1c399c1c330b6f207dfbf294e287857d526c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1087/bundles/project.js&cfRay=87c545ad4af7f0d7-CDG x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"aca27b624bf30d36e5f4f145ae76704a" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.1087/bundles/project.js date Tue, 30 Apr 2024 05:53:34 GMT x-amz-version-id iqAR5gkkMAkFd.Z3L05RGWJk1d1nl__E via 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront) cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 07660a62-856d-478e-ba56-6e30ab8e24ea x-cache Hit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 0 x-evy-trace-route-configuration listener_https/all x-request-id 07660a62-856d-478e-ba56-6e30ab8e24ea last-modified Fri, 26 Apr 2024 11:14:32 UTC server cloudflare access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xH%2FVpXKKS0o1lGxuAJIBrNCRWj3SiTMhJSclFnn2EAuh4LLoLMGq%2FJhgbWbaCIIZpt9Y63Jebj93oCAwttMP%2FR3cw1RFqeebkyAaF8owEbmYgOG0l1yZd9k10OKG3ojW6k09wQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk cf-ray 87c545ad4af7f0d7-CDG x-amz-cf-id py3zXCT33X11tY2v4z_vn-R-pTzX8og0hMEEDOGMMm_R44HhO4PWPQ==
GET H2	200	banner.js Show response js-eu1.hs-banner.com/v2/26088573/ Frame DC07	71 KB 0	1ms 1ms	Script text/javascript	172.65.202.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-banner.com/v2/26088573/banner.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc726f2cec480a7736031b98cb1b443a2ed29936f524e728c915ab3ba68f917a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:32 GMT x-amz-version-id 0nEyulsaA3u5KVXYfa9vvpxl9FEj8fyH content-encoding br cf-cache-status REVALIDATED x-amz-request-id 1Q52ZDVW719V6M6Y x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 82359243-465f-4934-b89e-86f994d89e52 x-envoy-upstream-service-time 68 x-amz-id-2 Dt6O+PcLkxopDA/UhucGN6byHFoDHVQKWAxoJ1UeIx97ltFTn24QeuRLKyJQOUoFGOPyxAAYiq8= x-evy-trace-listener listener_https x-request-id 82359243-465f-4934-b89e-86f994d89e52 x-evy-trace-route-configuration listener_https/all last-modified Mon, 15 Apr 2024 14:49:18 GMT server cloudflare etag W/"f56f2e285ad083894522febd745ac6ce" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.oligo.security x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-849d5cf979-kpvjr vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 87c545a4fd0a2c25-FRA expires Tue, 30 Apr 2024 05:58:32 GMT
GET H2	200	collectedforms.js Show response js-eu1.hscollectedforms.net/ Frame DC07	69 KB 389 B	39ms 37ms	Script application/javascript	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hscollectedforms.net/collectedforms.js Requested by Host: go.oligo.security URL: https://go.oligo.security/meetings/mktg/shadowray?embed=true&parentHubspotUtk=6e5564ef82c1604c11eeaf011aa45999&parentPageUrl=https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Origin https://go.oligo.security Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator age 559 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=87c545ad4d765b32-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"020909a609cf986b4a8a88cfb577a8db" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset collected-forms-embed-js/static-1.491/bundles/project.js date Tue, 30 Apr 2024 05:53:34 GMT x-amz-version-id _rd02ux3UWoVQsATQDf.p_LxkLPJ6umh via 1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront) cf-cache-status EXPIRED x-content-type-options nosniff x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id b98311c7-1c95-4634-ae81-bb84b35a59e1 x-cache RefreshHit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-envoy-upstream-service-time 0 x-evy-trace-route-configuration listener_https/all x-request-id b98311c7-1c95-4634-ae81-bb84b35a59e1 last-modified Wed, 10 Apr 2024 18:06:23 UTC server cloudflare x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-4sw8g cf-ray 87c545ad4d765b32-FRA x-amz-cf-id SeP20datDnIy7QTlO-Uiso14krTWJWmGmK7q3fVASLI9xU-xenuDRQ==
GET H2	200	cf-location Show response js-eu1.hs-banner.com/v2/ Frame DC07	6 B 0	0ms 0ms	Fetch text/plain	172.65.202.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-banner.com/v2/cf-location Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/head-dlb/static-1.694/bundle.production.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a41c8a6265bcf79c1dd3ea6af9f96eeeafcac1ff7070d31a78c43ba5923b5766 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:33 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private, max-age=1500 cf-ray 87c545a61a77d29b-CDG content-length 6
GET H2	200	json Show response forms-eu1.hscollectedforms.net/collected-forms/v1/config/ Frame DC07	116 B 249 B	42ms 42ms	XHR application/json	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26088573&utk=6e5564ef82c1604c11eeaf011aa45999 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/head-dlb/static-1.694/bundle.production.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 8d66db53-f8f8-4764-b481-ec3abd9bb3e5 x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 8d66db53-f8f8-4764-b481-ec3abd9bb3e5 server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://go.oligo.security x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-5dd8ff7977-xvsdk access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 87c545adbddb5b32-FRA
GET H2	200	__ptq.gif track-eu1.hubspot.com/ Frame DC07	45 B 862 B	61ms 60ms	Image image/gif	172.65.240.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=d4bc4325-60b6-4c84-b0ed-037e7861163e&ft=5&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=4046427330&v=1.1&a=26088573&ccu=https%3A%2F%2Fgo.oligo.security%2Fmeetings%2Fmktg%2Fshadowray&r=https%3A%2F%2Fwww.oligo.security%2F&pu=https%3A%2F%2Fgo.oligo.security%2Fmeetings%2Fmktg%2Fshadowray%3Fembed%3Dtrue%26parentHubspotUtk%3D6e5564ef82c1604c11eeaf011aa45999%26parentPageUrl%3Dhttps%253A%252F%252Fwww.oligo.security%252Fblog%252Fshadowray-attack-ai-workloads-actively-exploited-in-the-wild%26uuid%3De67382f9-d373-4127-8d6b-e2376f6746b8&cts=1714456414347&vi=6e5564ef82c1604c11eeaf011aa45999&nc=false&u=263486035.6e5564ef82c1604c11eeaf011aa45999.1714456413954.1714456413954.1714456413954.1&b=263486035.1.1714456413953&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://go.oligo.security/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 08f6da13-3149-454b-8124-781df60cc557 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 2 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 08f6da13-3149-454b-8124-781df60cc557 last-modified Tue, 30 Apr 2024 05:53:34 GMT server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPokbgm2qsw4wkVkP0C9%2FCMi2wHa9RUMfckROyf5ccErLbuSsNa4Jog1%2FeckImoeaSVn2vQpxeRZYnjBddLw02Tca7EQ5qontNHsqkSxRhgRnnUZmPWGwmBxWml5gbPRvLWBjRLMpw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod fra04/analytics-tracking-td/envoy-proxy-5dfb646764-rbq66 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false accept-ranges bytes cf-ray 87c545adcbd48f39-FRA x-robots-tag none
GET H3	200	/ Show response ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/	3 KB 2 KB	369ms 346ms	Fetch text/javascript	104.16.117.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/?iszitag=true Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash fb1297e1dab19a62df8200ce50817f7e68e9ad4c054fc26f940c13aacd02b178 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/javascript visited-url https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild Referer https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild _vtok OTIuMjIyLjIxMi4xOA== _zitok 15b2a4528ef3197ecb301714456414 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:53:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin https://www.oligo.security access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url alt-svc h3=":443"; ma=86400 cf-ray 87c545b0087d99ed-CDG
OPTIONS H3	200	/ ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/ Frame	0 0	220ms 169ms	Preflight text/html	104.16.117.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/?iszitag=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _vtok,_zitok,content-type,visited-url Access-Control-Request-Method GET Origin https://www.oligo.security Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url access-control-allow-origin https://www.oligo.security allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87c545aec8268c4c-FRA content-encoding gzip content-type text/html; charset=utf-8 date Tue, 30 Apr 2024 05:53:34 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express x-robots-tag noindex, nofollow

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s3-us-west-2.amazonaws.com

URL

https://s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQOQRJHZP062/reb2b.js.gz