www.aon.com Open in urlscan Pro
2606:4700:4400::ac40:95e1  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&e_ipv6=AQIzh21M2PjZ8AAAAZLxUehMRrElzMHImV0bvaBtil73eTLg1lZvRkjb3y1UoxVszz9tle1rIA

Request Chain 65

• https://s362693299.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=362693299&ref2=elqNone&tzo=-60&ms=973&optin=disabled HTTP 302
• https://s362693299.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elqCookie=1

Request Chain 82

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_ipv6=AQJ9HWON-_sdAAAAAZLxUensw5n63-2q-tkslrtxzgjcpYByxrY7NidHNKzkAjA4CNHn8_z11A

Request Chain 83

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_ipv6=AQKLnUsLG85i9QAAAZLxUenrcm7R-ndmC4rBHtoHarUY2x_rMIPxM2tsKidcf8K2LlgCLBmmGg

Request Chain 84

• https://s362693299.aon.com/visitor/v200/svrGP?pps=3&siteid=362693299&ref=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&ref2=elqNone&tzo=-60&ms=973&optin=disabled&firstPartyCookieDomain=s362693299.aon.com HTTP 302
• https://s362693299.aon.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elq1pcGUID=35867FE83168404CB158AE8BBA3568CA

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/	114 KB 25 KB	876ms 833ms	Document text/html	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 869b3e63edd39eea3e5b39add12608c3c7168a210f90e615c99458e94660d5b1 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8dcb4770ec0c6997-FRA content-encoding gzip content-security-policy frame-ancestors 'none' content-type text/html; charset=UTF-8 date Sun, 03 Nov 2024 09:18:49 GMT ki-cache-type None ki-cf-cache-status BYPASS ki-edge v=20.2.8;mv=3.1.4 ki-origin g1p link <https://www.aon.com/cyber-solutions/?p=8913>; rel=shortlink nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IP31abDZe6%2FI7rjY3svmnTD43lwnSWf%2Fpl2esj761EL4s5Y9Uk95L%2FBg8UbsXQ%2BpHa2KXhT8UhvXFacEVA7CHvVw7fGN7dzJ2hZrNC9gEjrIHdEkTjl1NsuR8Sqbzws%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; preload vary Accept-Encoding x-azure-ref 20241103T091848Z-r1687d95c99x48qb93z7w4zp700000000er000000000fs71 x-cache CONFIG_NOCACHE x-content-type-options nosniff x-edge-location-klb 1 x-frame-options SAMEORIGIN x-kinsta-cache BYPASS
GET H2	200	megamenu.css www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/css/	4 KB 2 KB	127ms 123ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/css/megamenu.css?ver=6.4.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c704d5aaed685d4f46d9bfd77ce03f798d7fab9a6a5e0f4c80a8f027ec527d67 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc764bb-105a" age 767449 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrWTQ8B0MJtgfNF%2Fr1OUTXmUDsh%2Fp70JPui5JKs90Kn%2FwlkVM8fINQwhG2sFlDJKkp19x4i5k9dLECMNqkWM%2FiWt4if1VdF45GjDMv9gbONTf2gLKyNVVbUeu1PNuBc%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,d3c408cf77372b8e96da17941a00ff86f9c45bb301c82660a70a1b4b04577a43 last-modified Wed, 17 Oct 2018 16:35:07 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f2c6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c994jsqs7740nhy7rw0000000480000000014x9v ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	style.css www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/	97 KB 21 KB	202ms 199ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/style.css?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b37cef04d7ad3aedb8e5320f60bd8c32d13ff2ae55dcaa90b5c838b84a562476 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"63da1217-18258" age 416192 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVfRQL2PPRUFFQ6c35cwIgTUL174PHQzPmEPBrwhMV%2Bhu2htiy0ywbUH9uRVuVxicQmq8aNu4bPkbiGmZOzYa5Pf%2F4UPZRquSDHpdcePxJDeA0YG4kCEceCEIgXkBxM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,298ec53e4a30adc3b16e1431b9a8cd05bb0f13ef090fd01f2eb997776f3b891a last-modified Wed, 01 Feb 2023 07:17:43 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f2d6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9b4qzwl88mavy71rs00000006s000000000sf86 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	style.min.css www.aon.com/cyber-solutions/wp-includes/css/dist/block-library/	108 KB 14 KB	117ms 114ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-includes/css/dist/block-library/style.min.css?ver=6.4.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"65b9b256-1ae43" age 2499301 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxuVSivUFfKi2adtfbFckMSBfT9cTbKbE5yMLBz7ZJT9RqqmH8BC2053T3nh2%2B7RWso2HOrWBorOh3NUeKw9lEBWYRMlTtGqe6g3CPsI3U7x6cmPJxqJGHW78Vv9ivJulOsdXN2EmuRn4GQ%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,7deef0752400b3c53f7e8c9e0eb21a06f69fd3f5a8c9e02345c822fa81af680d last-modified Wed, 31 Jan 2024 02:37:10 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f316997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99x48qb93z7w4zp700000000er000000000fsbc ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	google-maps-builder.min.css www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/assets/css/	7 KB 2 KB	333ms 330ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b89d0c0bd2198e615e772a5ec226fd2bfb717e5db4bb523e8483635f8807c4e1 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004c-1bba" age 1202903 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRFzS%2FWX6bIAvMVnYVqDor4acj9EzNcFfEKUHXkImKBpaDSKbYZJ5l0K6meFeYfoAvgxoD4hoPvM%2BBl%2B0dN%2F2WUNY5YY6JdJSNspRVpdvGULIdmw734RG5rODIfWDXA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,4f8909a31c7ae3c69125ffd3e4ec5bc6df9db56cc90221e964d8bbd589516f7d last-modified Fri, 12 Oct 2018 20:13:00 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f326997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9b9hvqrxv8aug3wz8000000028000000001ccxy ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	map-icons.css www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/	14 KB 3 KB	111ms 108ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d76925fb6477fe5ac510acac2b76e156988cdb412483524e37611dad7495cf82 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004c-3680" age 1030068 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XbsocKf8uQ1ZUXAgD1TJqMfWm6Zvle74O%2BZUV1MWD8%2F%2BU00Yu8WL4iGS7I8fSd%2F5VP9JKAYMMFr7tKeE6QonW3zrffPSCInhHusbr7Q%2Bv1DEN9BhLkbA0kWbXSLZr4%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,390f471c27d819f187685418e3a1dbc15276958b9e54ef089f9944b5a2d1720d last-modified Fri, 12 Oct 2018 20:13:00 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f336997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c998hfvd8xzuqw01h40000000bc000000000385q ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	dashicons.min.css www.aon.com/cyber-solutions/wp-includes/css/	58 KB 35 KB	109ms 106ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-includes/css/dashicons.min.css?ver=6.4.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"60d233a7-e688" age 907495 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gG5QbuPS%2BirYt4IaDtKccS7WzBoCWRyy8B%2F%2FT2BqOmT5Q1XwAh%2FFjUkTWZI%2B4we3bt%2FsODuNlR%2Bz8ouXbGgzFtmFowx%2B70zGkc2ybug8KTk5qZMuzlWFSWf%2FBVQ4HaE%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e3325e80e1ae0262bb4f85186d8cb28e27bb3a72db62675630284a46e9fb32f4 last-modified Tue, 22 Jun 2021 19:01:59 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f346997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c992dtqhssckfyqyuc0000000at000000001qrhy ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	style.css www.aon.com/cyber-solutions/wp-content/plugins/simple-social-icons/css/	1 KB 893 B	173ms 171ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"60c0e4c4-4cc" age 1194976 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jlvktf7wXq9dMA2%2BUcFNxnM4GBoyQXq8bZ0Ztg9U7f74fUWQbIR4wPZ8%2B5A4hfpSF1qlRs%2FELc7vX38D%2FkDKj7psnsSuEEXaJMi1ZSQxLmE7EXUNQkr4bLEPYSOnhls%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,c831a9457927426517edf504c79d62484d22bb89fd36093e20e885d25ba02d85 last-modified Wed, 09 Jun 2021 15:56:52 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f376997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bskqq52v55g6veu000000006eg00000001ad5s ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	enlighterjs.min.css www.aon.com/cyber-solutions/wp-content/plugins/enlighter/cache/	78 KB 9 KB	204ms 202ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=bv28sNlTDHXJCX5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6eb5aabf47cb4c76ac38897c2eb8139dce95f931c7963a4a6dc9205e0fa88f2 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"60e47e2c-13672" age 1230760 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FztiEbzpPC0g59D6VAzOfGq5irEDEZ4llDhbX3tQTLT4pxjgXjYS%2BjzFAowU1%2BesPHJrKWEb%2FKUcHEfXMeDCm9l03U7PWnHeV4p6yuAXUR2OFHEAny4uwXw7Rt%2FA%2FhU%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,d3389a23234d3f81ad3b57c128a4dac12ee9dd96cb7ff35525f1afd04f857340 last-modified Tue, 06 Jul 2021 16:00:44 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f396997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9blzxgl97af9sur5n00000006dg00000000vddd ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	jquery.min.js Show response www.aon.com/cyber-solutions/wp-includes/js/jquery/	86 KB 30 KB	164ms 162ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"65afba03-15601" age 415863 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zosgk48kiOChyWBalNhYAzihOJofc%2BplkrEBXUGCw0TcG0WSaNWYngy%2FsTqnqf93etsrxtY0BVJQwebzbkS06y%2FA5yuNZdwUCyFxLVMt3LsLhcqpURiVQgE31KHAgK0%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,2b497a3f4f29d36293314572cdbd891ff57fcb131afc6050472bdd80e3b12265 last-modified Tue, 23 Jan 2024 13:07:15 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f3a6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t9000000006dg00000000fmd9 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	jquery-migrate.min.js Show response www.aon.com/cyber-solutions/wp-includes/js/jquery/	13 KB 5 KB	154ms 152ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"65afba03-3509" age 1487438 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2Z%2B3WcX1P%2FVXSONhy7Vcnk%2BsBX5%2FR6BVX4a%2FZWivOE1VX%2BmpxmssEli7dgvMrD82uDvpuqOhucIcf04wdNmSrRAWs%2BfjBSpvOiCqEuBGQ7s4jDkLyqA%2BRToh%2F7QFtE%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,2c6dad0dd19b0a914a7b47845358b502566cba8d2e556529c8404051176ba9c6 last-modified Tue, 23 Jan 2024 13:07:15 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47762f3c6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bz6hlkp7z6nvru8w00000006vg00000000ag74 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	drop-down-nav.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	553 B 894 B	137ms 135ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/drop-down-nav.js?ver=0.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b52ec361b45078068156d07c98dec039ef0972ac32d1fe2bb6a145c483c1a887 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bbfb24e-229" age 417769 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LNA%2FUwNJfgy8LxMwI44sRKHZYagZjsdmvlG%2B%2FpZk0cGxE6dBzEFOmJeOCg6lR2nsSxD1NZTKLALAn4%2BBfkKemZI228iOhLlhAhUQqUUK%2BLu6e17QDZ0xS5kepJYKa4%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,d782fbfae0a0f1a98b31c5b589f6595b248fc46d2a3a77ddfffdfd16969270a4 last-modified Thu, 11 Oct 2018 20:27:58 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47763f426997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99pfbjwhxvfyh7yu00000000e1g000000017vqw ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	svgxuse.js Show response www.aon.com/cyber-solutions/wp-content/plugins/simple-social-icons/	9 KB 3 KB	165ms 163ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"60c0e4c4-2416" age 408000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gs6SRuYn9gM4i9VmZdKRerBKxAwNiSMGG5FEO7oGXRHtf57GpEJrMrP2eE4XvzhoL6hwMs27FDj%2FlzbvJFu1jS0zAnMeqrjD%2Fbfc%2FRaTA%2BqHmy47ll9d00tjxpSODII%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,845e7cecfaf1b138af348e5fad61da8bb84d06e40289dd306e87244380921b4e last-modified Wed, 09 Jun 2021 15:56:52 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47763f436997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t9000000006f00000000035k6 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	js Show response maps.googleapis.com/maps/api/	384 KB 120 KB	99ms 52ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyDimZKz6nz_uv5lJrzGrl_bTTq3sxDi-NI&language=en&ver=6.4.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 447278cc096b930c37bf6f0322f11f322a62b5348245b17c863871e371322dc6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control public, max-age=1800, stale-while-revalidate=3600 timing-allow-origin * content-encoding gzip etag 0bc41f4c cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122975 date Sun, 03 Nov 2024 09:18:49 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 vary Origin, X-Origin, Referer server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN
GET H2	200	OtAutoBlock.js Show response cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1-test/	34 KB 7 KB	82ms 60ms	Script application/javascript	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1-test/OtAutoBlock.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68f9a681addf982aa3524b52e718ae0e7ea9ed29e4dc248deab8cfaddb3b61a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 Cs6viPbzbpWYsueoBQp1lg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status DYNAMIC etag 0x8DC65121E1BE37D x-ms-lease-status unlocked x-ms-version 2009-09-19 x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript last-modified Thu, 25 Apr 2024 10:26:06 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id a61a3e4a-001e-0103-76d1-2dd6d8000000 cf-ray 8dcb47765e561903-FRA access-control-allow-origin * content-length 7030 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	new-aon-logo.svg www.aon.com/cyber-solutions/wp-content/uploads/	615 B 902 B	278ms 277ms	Image image/svg+xml	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/new-aon-logo.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65f3429e77489962ee72bd6d65eb31089edaa8a3f213de3cc78826b15048543f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"63e16dfa-267" age 341878 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8PmZMuOrP9WYwfvcV1v0WAoBjNte%2FIqD6rIlgE7utAdIeXdbEOoEnXDqT3sU3fczyyEEj%2FumFkWVlZBID3chfdW4NmbiMvIyRRful3hO70xKVUvzQtg2TbuhlnqtkA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/svg+xml ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,35e0d2e8ddf4e37673c1e25dbcf1e98abe75ccc3bc5eb51a08f4057b550e9bea last-modified Mon, 06 Feb 2023 21:15:38 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47763f476997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t900000000690000000018hm2 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	mag.svg www.aon.com/cyber-solutions/wp-content/uploads/2018/08/	658 B 854 B	138ms 137ms	Image image/svg+xml	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/2018/08/mag.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a1c2eac2e63fecac72e3e79f0f1978cea096f258ca233e53ddddfab5aefb901 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba526b3-292" age 180999 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXIl4Q3SMeYzawzdgx8mwhcmPiiSclCTmQk8VYKZjMdh9V5oP%2FLzzYjW4EtmL0IUo%2Bv9D9J1Z3HYFpdW4cyO7K1wX8iibyhAlOXBm4u60YIVwplvnc7lStKxbiq9ByU%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/svg+xml ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,9a8728ecaa7023f2915c230e27afddb7c301464f9d15076ff9db4efa9b217b03 last-modified Fri, 21 Sep 2018 17:13:23 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47763f4a6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c9965pbluyp05c35g00000000beg000000012amz ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 969 B	62ms 32ms	Script text/javascript	172.217.18.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f4.1e100.net Software ESF / Resource Hash 2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Sun, 03 Nov 2024 09:18:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Sun, 03 Nov 2024 09:18:49 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H2	200	Aon_Cyber_Labs_Blog_Post_-_Dissection_of_Makop_Ransomware_Group-11-e1707183304815.png www.aon.com/cyber-solutions/wp-content/uploads/	4 KB 5 KB	201ms 200ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/Aon_Cyber_Labs_Blog_Post_-_Dissection_of_Makop_Ransomware_Group-11-e1707183304815.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4e45fddc8e5897b23b275a3a6d9b155bdfcd7daae0e635e50b3065ce059f4f2 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "65c18cc8-11e6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBwy6R9mJd1RKA12qVQyKE9U5UWM94Ke9T1bei6rsmj7AGneMFKaukIMdLpjKE3PmQzBjRLzsvrPcV%2Bhr02%2F%2Bnqz2ZttFV1PfZzVz60EpYIe1Tfr2Ez7lSN%2Fi1rflrQ%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,fa708cef606cf61dbdec8f81a468f40c2e3208f1928e1f22e64c0a1d649ca02f last-modified Tue, 06 Feb 2024 01:35:04 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47763f456997-FRA accept-ranges bytes access-control-allow-origin * content-length 4582 x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t9000000006f00000000035k7 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	Aon_Cyber_Labs_Blog_Post_-_Dissection_of_Makop_Ransomware_Group-5.png www.aon.com/cyber-solutions/wp-content/uploads/	19 KB 19 KB	106ms 105ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/Aon_Cyber_Labs_Blog_Post_-_Dissection_of_Makop_Ransomware_Group-5.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2016db0085e5fbfd5a04bf8efc1ecaf782c6d8a852badf172163f4786251884 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "65af00d2-4bff" age 596413 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nrq4E3Va8XMaGVuQhAZOKY273E9c3lKCDOI0B7ht2Mp35EjyUmm1ks3K9496pVzWDt9J9%2F5VywsRPkE%2BtBW8cZrbZprdogwXC58NruNbMgF1g6clUnzJIlB67bwdSvFlABp2KGFoZ6D1vPU%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e4c93607ded2ca9e147b06674f7a9ffd266e1a0a76934e2689e3a4c0a4397f43 last-modified Mon, 22 Jan 2024 23:57:06 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477778476997-FRA accept-ranges bytes access-control-allow-origin * content-length 19455 x-azure-ref 20241103T091849Z-r1687d95c992dtqhssckfyqyuc0000000at000000001qrkw ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	Aon_Cyber_Labs_Blog_Post_-_Dissection_of_Makop_Ransomware_Group-4.png www.aon.com/cyber-solutions/wp-content/uploads/	26 KB 26 KB	124ms 123ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/Aon_Cyber_Labs_Blog_Post_-_Dissection_of_Makop_Ransomware_Group-4.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35b2820da225d5f5bee5bc3c2af239fa395f5c3cafdd492a06616cdfca64d549 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "65af00af-6607" age 384334 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gz5LmciO%2FhyJ7I5ut20WSB1mKS9zkTQd6AAmUOsTpLXK9iMH2pZcmsPzZsjlz%2B0GNU2OanQXVEYhDcy51gkmSJIJgvctBCT9IErhopKdY0OVQJB%2B4C481VjBosqRIhhcDqu2AzvZF852dOE%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,30f9cffdcb996e9950bfce51dcadfc288bb6eb80140ccd004ae044c3aad7e230 last-modified Mon, 22 Jan 2024 23:56:31 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4777e8d06997-FRA accept-ranges bytes access-control-allow-origin * content-length 26119 x-azure-ref 20241103T091849Z-r1687d95c998hfvd8xzuqw01h40000000bc000000000386g ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	contactformsidebar.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	8 KB 3 KB	79ms 79ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/contactformsidebar.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b24ce1405ee7c79c559e9fa1d2a2993210c7d2756747a16ab7fec30e4966593 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"624b3742-1f58" age 1230761 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1qjlKj0qDIZQKuJO2VSEvLI31sepCgNOThqWTDjnPDb1OsMdNSxRvXWbS1EwQkYQ3cepexRYGWwLcJHvF4etlidEDtJ32CApnrtA7DIcMJ%2B8GMxTMHUjG315gOB8aNRXBOLbGpKtxRR2Us%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e4b2ed4adb1cc064dd125604ba380e59f48aa30202d056176d238002f45aaac5 last-modified Mon, 04 Apr 2022 18:21:54 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477829096997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99x48qb93z7w4zp700000000er000000000fscz ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	linkedin-aon.svg www.aon.com/cyber-solutions/wp-content/uploads/2018/05/	725 B 930 B	128ms 126ms	Image image/svg+xml	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/2018/05/linkedin-aon.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01976d2960325a4647473ed043d60e2a5b2ba8df714145d52728bcfb3645ef02 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba52684-2d5" age 404698 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPT2kNO%2F2b8Z%2BgPrksW6454TlhrptNEe8dYcNtJlNl6%2BsC7l0sqNW0ccMV8z%2FjVj4hA3EHvNNH7Tlh9HRRLqXs0j2kv1xceUyaemVzQ%2F2Ixp0lA53hUNXbln3QZjU4E%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/svg+xml ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,67d0873cb266ebaffffab8935e8392f5fd7f2385a41361e2da05518e841409d6 last-modified Fri, 21 Sep 2018 17:12:36 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869486997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99s569dgfzd32czdn0000000crg00000001u913 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	facebook-aon.svg www.aon.com/cyber-solutions/wp-content/uploads/2018/05/	735 B 914 B	111ms 109ms	Image image/svg+xml	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/2018/05/facebook-aon.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56eb065fff39748008e7761f0c9b48a44c669f7ad366fbbc7403961b967a69fb Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba52684-2df" age 250663 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=km0rVVjv1ncQR7qStWzfhuB05yK%2BrnoVlXdO057zud3tzIJA75P3OHuEKH0cmB8%2FObOiwsPqvm8w8o7GkjzjlRpzKQyTk06kh%2FAMpKxhgmopAkr1XSGTalwtj4tcbcmx9QptSNwQ3N3aqoA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/svg+xml ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,d61540264b97fdc4fe46af44aa8b9e216bd23696dfa3fa76e55d6bcafa31f03a last-modified Fri, 21 Sep 2018 17:12:36 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778694a6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9blzxgl97af9sur5n00000006dg00000000vdex ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	twitter-aon.svg www.aon.com/cyber-solutions/wp-content/uploads/2018/05/	933 B 1 KB	174ms 172ms	Image image/svg+xml	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/2018/05/twitter-aon.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 649aba659fe05a963f04f4a8471cf38f3a9fccb0426de7459c2b3f14790f6851 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba52686-3a5" age 46943 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK%2FEQ9GwrL9cz9KD2IW6FWa%2F9pvQ6KgRrfOP1PO23leLB4ZvXIRTEdhLfEkUl9B%2F0whufH2oFNI8x6z%2Ff7g1rr4j5SvjUV93CglEw9861m9rGs0%2BtTJTG%2FzxQEmJFa4%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/svg+xml ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e8b03f7930a9b7f979f01b914210d6fb3a3be93886c1743696a417c3f5992fe6 last-modified Fri, 21 Sep 2018 17:12:38 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899636997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9b4chmh5gv5r9bxtc00000006u000000000xcka ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	facebook_final_aon.png www.aon.com/cyber-solutions/wp-content/uploads/	1 KB 2 KB	93ms 91ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/facebook_final_aon.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71ea5c8225bb14bfd85a4af89237dc9c5fe6bbfc1db0f29d901209d15465948b Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4be0c-432" age 247540 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2Br%2FuJcEKchMI8FWEzio6MiJgqAheUvtvvMkb8AUGEJzWbNDZFMm%2Ba4cc970MhaNKMkgG4Xg7lU4cBjNfp8SvRTQFPfkBdj9jyUycEIhKAQUYnvaCfdPZtdKly7tznaKBBpiM6IlYQaysXM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,9a9fe038608ef541e260a6e13c6dd64c99add1713bcaf63c99f61443d3a01b38 last-modified Mon, 15 Oct 2018 16:19:24 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899646997-FRA accept-ranges bytes access-control-allow-origin * content-length 1074 x-azure-ref 20241103T091849Z-r1687d95c998hfvd8xzuqw01h40000000bc0000000003873 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	twitter_final_aon.png www.aon.com/cyber-solutions/wp-content/uploads/	2 KB 2 KB	149ms 147ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/twitter_final_aon.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36ef11ae4a6a93b7d4aa66974e285ee8c6a0c73df88d69bba7d0121cd1d3ee6b Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4be24-794" age 1141158 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNGD%2B2b357VIyj2nVw%2FUdrjmnyX7BA3V6pIvqs7mOyCdr4B%2BFhBOk9yEZ9PAxynlabpApyNY9P0%2BSQDnTqg%2BHe8IVpHiaGeW5xDhq7cWxVp7oH5l%2FOh7kCDwP5dq%2B0A%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,2a042f2ad83db90cb3cf39cbfe3934a424088fb216852337e77c38125e6d9e9a last-modified Mon, 15 Oct 2018 16:19:48 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899656997-FRA accept-ranges bytes access-control-allow-origin * content-length 1940 x-azure-ref 20241103T091849Z-r1687d95c99t2jff3kv1qzt5fs0000000csg000000003dhg ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	linkedin_final_aon.png www.aon.com/cyber-solutions/wp-content/uploads/	1 KB 2 KB	176ms 174ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/linkedin_final_aon.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c47c88902d076b897d10b41d9a014c6168a542e9545652f40e05ba98ee57e0e4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4be17-563" age 417768 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZqZJaGOtD8UyPJdG23nM6E2hNPY9Q16xGM12yh3xYWkzlGOYMKzFHHKjaHsT9UGns4ZwOcwZtL879wvOZST8Gjmg5kOMEoYpSz9W1b1Sesgf2A0kLY1rcZo%2F7eE7bM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,deb855990d80578b4a2ffb7f3c297a10ab02e6dd7dcc953b33e372d79df4c2b5 last-modified Mon, 15 Oct 2018 16:19:35 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899666997-FRA accept-ranges bytes access-control-allow-origin * content-length 1379 x-azure-ref 20241103T091849Z-r1687d95c99sjvlxqy0h78fyds000000092g0000000048zr ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	full-screen-search.css www.aon.com/cyber-solutions/wp-content/plugins/full-screen-search-overlay/assets/css/	3 KB 2 KB	109ms 104ms	Stylesheet text/css	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/full-screen-search-overlay/assets/css/full-screen-search.css?ver=6.4.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2719533d9c25e0201821d274ee267acb6759645c365e822939617eed7b2a38a4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bad46af-d61" age 418652 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkUcnOIWrbxzY9j0LAloyzo04aiGUQIsW3eRCrdes8WS9E6T5Wfnqxt6dq80xcsuLe7GeA1H%2B1UI5E18uV6wKymlr%2FX%2FBLqs%2BG%2BowuNUf%2F7HLsc06cA7gIgsikGYL222sDroc%2F2cwFVgm%2F0%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type text/css; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e0903c2f33b4d2242501edfbc6e9927cc873492b2444fa97d1253c84ce46b2c3 last-modified Thu, 27 Sep 2018 21:07:59 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778692c6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99pfbjwhxvfyh7yu00000000e1g000000017vsq ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	set_delete_cookies.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	2 KB 1 KB	131ms 128ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/set_delete_cookies.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd4420de88da7b704b9f8e20f3a8f477caa742e145a12167b1cfa1aeceb3c322 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5d39d8c1-6f3" age 247556 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sebwq%2F%2F%2BvNLNg1FTlTfRqdGThd7qciJPQn%2BU3ZBF%2BLQ6Eq2irxOrMwaei3ocfWWV2QXUDzYLzYLPuj0ya4YVlhve7A6VFGhRurkfEpHQqp%2FpGUJe5ilE9OGVOTES7hA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,6a439897e87e7af39d94f963e2980307081858a689baaaf7f5fe290f9710516d last-modified Thu, 25 Jul 2019 16:28:49 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778692f6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99t5lccnnh8ac1vm80000000ed000000000hq7c ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	dataLayerScripts.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	4 KB 2 KB	155ms 151ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/dataLayerScripts.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d11d4b6fc6913e0179792e4d615449af1ed498a8cfb8bf2e9cb75020ad46dd4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5d39e741-110e" age 806479 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F69Ur6RfaR%2BJVo7m2dsHscJMHxhila1MPIVZUYpg5ctBWMrUiTnWVxmteEiShnTDjk5ZVp3xZwDyv5FQKMchgJaE0k6YfWOuFuC9Z%2BYwymoF2UjQT4TmyR4uAmyPuiU%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,a29558711c9160694d1b91fdf6b5afeeb56c531b907ed7794f52a1fe7c2d5f19 last-modified Thu, 25 Jul 2019 17:30:41 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869306997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bv67j6cty8sw7m14000000071g000000010bgg ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	jquery.waypoints.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	18 KB 4 KB	110ms 106ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/jquery.waypoints.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1e3b0a0cf077e2b2d51e3d28a36273bb1fa5b03db541b5e708a9637b39b8d6e Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5c190e8b-461a" age 405355 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gza54m%2BZ81RuB38tUesHTZpVlB7CfjFh9o3LWdL%2BoQUlLkc6lZul2phyYRz8c42tecmsvXrUxUR5DrE6c4oDX9nBqIpN%2Buf0J1QXakH5y2UJN7lzQIZifw7pO2H6Orie69hB8%2BGVq1lIA8%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,8891b3a24c35388c9ca86d5a4350c26e6a59e867acb5658ef32b1134a60446d4 last-modified Tue, 18 Dec 2018 15:13:15 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869326997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c994jsqs7740nhy7rw0000000480000000014xbv ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	sharethis.js Show response platform-api.sharethis.com/js/	206 KB 46 KB	242ms 188ms	Script text/javascript	3.160.150.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://platform-api.sharethis.com/js/sharethis.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-115.fra60.r.cloudfront.net Software / Resource Hash 98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=600, public content-encoding gzip etag W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU" via 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront) x-cache RefreshHit from cloudfront x-amz-cf-id -KD7HFssp2aD4avZ03_qfVcA9R-gywIpdOniW-dCxQc_uNYHoCf7cQ== edge-control cache-maxage=60m,downstream-ttl=60m date Sun, 03 Nov 2024 09:18:49 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding x-amz-cf-pop FRA60-P7 x-frame-options SAMEORIGIN
GET H2	200	markerclusterer.min.js Show response www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/assets/js/plugins/	14 KB 4 KB	101ms 98ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/assets/js/plugins/markerclusterer.min.js?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84fbfec64b38c2b0438fd16f91081aaf36f70182ffd753a136276a4aeb93b1f2 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004d-3768" age 767756 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IV8RBbAJU2vLFAu2Vn3BNekY3mEt9h4nQFd3MAqRvfw8ySiXmhFoNzZoLH2R%2BuorQVzbp7DPtslt77pBK4KtFeQs8E3W737kpSVj%2BfDX7WXzCcEdlco5IgOnDGrW8wf70XEHMPW8SOlc3Cg%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,a43249e411ec6344775c94ed075f83f8c0814fee9f9135f06f6d4e415bf6e40e last-modified Fri, 12 Oct 2018 20:13:01 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869336997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99x48qb93z7w4zp700000000er000000000fsd8 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	hoverIntent.min.js Show response www.aon.com/cyber-solutions/wp-includes/js/	1 KB 1 KB	174ms 171ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-includes/js/hoverIntent.min.js?ver=1.10.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"65afba03-5db" age 247555 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdS%2Fo4QwKcw6u77P%2BrzhANBfWDbfwAK3P%2BArnEhkhxtlqTnGkdE6fRtDJ%2FRA1IL0vTryl3AANnIMEeZq76d1QyRNxa1kZei20Zt4ItjEOd7zYKHUtRmi0AkI5OAliYI%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e6d1c0e408fc6e477f94d924c6d3c0de50a693ceb0d23582d121da212c2b7960 last-modified Tue, 23 Jan 2024 13:07:15 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869346997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t90000000068000000001cxya ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	superfish.min.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis/lib/js/menu/	5 KB 2 KB	153ms 150ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68f2b0a3381830c544349d5df116c2b96ba1d8efa46cf0c15e3a130d91bf6ab4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba526f2-13ae" age 265828 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hd7u9YshdKDmJEGuyXjYJHSXlk7fS1mjtRgCkRDHkdRXyMaboqJxEnYxih%2FnntoFufPNrtHOio1V6XKX4KlMdbG6eilJZ9JgGVEgn4JwIXwQqrlgYApfq2x5S63pfkQ%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,362efc082b40746748f4e51491ca5f68f1427db9479cbe8ebbccbc579eb268a9 last-modified Fri, 21 Sep 2018 17:14:26 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869366997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c99s569dgfzd32czdn0000000cv0000000015fx8 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	superfish.args.min.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis/lib/js/menu/	132 B 805 B	117ms 114ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.6.1 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba526f2-84" age 388116 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0qBEIQjhYODQl7eH%2B%2FFJuSHLBL8ihPPft93kGl6lF083lItvv%2FLGdGwL436TJ1xPoV6Uroy1Ktpdr9PMwo8P8QEmB35leoCyUGy%2Fxu8CFTNMO4KmJ98%2FBmIikdT31jW99gPv7ho2DUxkll4%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,c83bf445c232a3a62a4d82693c62f07e2c055a25c7ee484259ed01ced71c3ba3 last-modified Fri, 21 Sep 2018 17:14:26 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869376997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bskqq52v55g6veu000000006eg00000001ad7t ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	skip-links.min.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis/lib/js/	344 B 699 B	99ms 96ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=2.6.1 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0556982c2b3cf8fc78bc3d5d3c1e98b7861a0a8150ef7ecf2f3c7a733e4e0cf8 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5ba526f1-158" age 388116 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOwuynXMyXarhYjPXiA1WwFfFc9CwNq%2Besw8iFs29Nui7btmR9m3Z5SgxmlYjeUOi9m8KhtyMvlepaiz2%2Bpx1dWxpck%2FlKL%2BErr9oKGDUSo1sABymiIeqrG%2B6du11bDapjiEw%2FW5HOzTMC0%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,c575fb963b533dd3849308052629d144a1f35e72249829990656d7ca3407ad30 last-modified Fri, 21 Sep 2018 17:14:25 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869396997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bz6hlkp7z6nvru8w00000006vg00000000ag8e ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	ResizeSensor.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	10 KB 3 KB	241ms 238ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/ResizeSensor.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a224114195027ea3b49e6c76c604ac11f597191832ce5dfbb6b180b90af93d87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5c097220-2761" age 495968 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUjCiexTZOJYSb1lC19XkbLXnehEiiunRqxQ5M0QUfl6xYQTL3sFYF0gWlilOo1tmA6dMPjAruEXnSjhNn97ojY9kflpLIb6mjE9GOfNbETiItGCMXvKkguFYE%2BW73iIs3xL%2BeT2eGigpQw%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e997bdd242eaa251ce9107b5f5e96305ed9fc221498cb22b435d2f15b6616bbc last-modified Thu, 06 Dec 2018 19:01:52 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778693a6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9b4qzwl88mavy71rs00000006s000000000sfaq ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	ElementQueries.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	20 KB 5 KB	145ms 142ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/ElementQueries.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c53caf793189aed067ac6e60017ce5d0cf689c5ca050f7f2c24c95ae842c9498 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5c0970f2-4e81" age 416192 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZ7jGJ0k9IZuOwOSG%2BLkcq7t3wRQdMM9Mke5SnJq8amz98YGJ9FxEt9WlVkJZuSwbDi5xSln7mLDsm%2B2iqC6W1uRkdCiX2KhIi2zKlsqv6KUwGSWP5VvKZLhlm%2Bzx0W00AZtHbBzbUsh654%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,68fec8a15875172b7a0587c8ca2d1ecfaaff9dca85186e125484c0b255b74601 last-modified Thu, 06 Dec 2018 18:56:50 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778693b6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t9000000006dg00000000fmeu ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	responsive-menus.min.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	4 KB 2 KB	113ms 110ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/responsive-menus.min.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bbfb250-e5c" age 265812 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uwe4t0tNFhgyyYYJDEpBdKEyhjQiM%2BRlh%2BzMBJKasvLJVz6P%2B%2B2F%2Fns%2BsP18aF2Yp%2BSzbccm3%2Bme8yPUewtwrbsxTKlLnHnDe5Nu%2F95tI226qJfIO0OKHZRsEpTL7anTwn8S44xHIf4FiIM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,832f1a878fd92e2abb813d9e5232449a4089d974624032c0ae32db0871077105 last-modified Thu, 11 Oct 2018 20:28:00 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778693c6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t900000000690000000018hpu ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	genesis-sample.js Show response www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/	1 KB 1 KB	94ms 91ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/js/genesis-sample.js?ver=2.6.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40295dbacda454f80466de88670466414814a470820a99013b60413327347c43 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bbfb24e-4f1" age 250662 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iezs9Ezz3t4XfiIn77tzEdfR8Dg3g7ENrHw8BgiTurGS0664ZQd8sYTfDlVHAdrsA51LeZ5yEJjq9KpQQIH2aIy%2Fm0vbIBhpFAtmgkBT6n8LYHK03pmfnNgwkGW68EITRjIvROytYgbO0rs%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,9163810ec4b3c4938133382a5221a2e6a1cb4c10ba05d7d9350b269558b7e489 last-modified Thu, 11 Oct 2018 20:27:58 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778693d6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c9965pbluyp05c35g00000000beg000000012ap8 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	gmb-infobubble.min.js Show response www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/assets/js/plugins//	24 KB 6 KB	89ms 86ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d76c93e98af58874b7d29ffb5aa19eb7728e79b8bf20353385bdc0d56360ccbd Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004c-5fce" age 211001 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrvi%2FQvCzfKXLKVvAybqbi6skkr69Do%2FpL257Hl%2B6hiyHOQ11%2FQtxk%2FzqTaQi4iOG%2B5H6LAL4PVSd1meILrrz57gVEwavTJf4RJcNNMD%2F7cQuCgfU1NRmjdIi7zT1kHG6zwEJF%2FITEB12nQ%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,aeb5188344f72e51a45ff4f097a6aa95956d78c16c2a0987bb72486719cb6eed last-modified Fri, 12 Oct 2018 20:13:00 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778693e6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c992dtqhssckfyqyuc0000000at000000001qrmm ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	google-maps-builder.min.js Show response www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/assets/js/frontend/	10 KB 4 KB	119ms 116ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab3b0e03916b5e93455f356c6a3514a6197f9d1ee341209cd7d4d10bf4358d3e Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004c-27c0" age 388116 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49h3I0joW2RJPm89aanzDmobpJipHW8K%2BnUjsAbhROg9A1hQShIS1Ukfyj4TEdVeDpQqJWB6TwzvfScZgTke9WcsyfGykt%2BLla%2BUOmPunR%2FYXvSjDB0qoW%2BI0tVmLwOKKHUXVezgDaOvaKc%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,a66224cc4c4d376774c9b0036738c8700e8ae463327d50fff4f11de25b6d602a last-modified Fri, 12 Oct 2018 20:13:00 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778693f6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t9000000006f00000000035mh ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	map-icons.js Show response www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/	5 KB 3 KB	92ms 90ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a1f3b17dff117ebb257fecca1759c81fbdbf4f082503f18729850fa3867cbdf Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004c-1241" age 1504494 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLGyqgjpW4yT3nlJFzauFauxrhMpRfFMqiQqBiTlgQYTwyN8vfHTGC17k7Rq7Mw%2BTplciiBhmePloEdfIOAX5Ys59QSrl00kZ4CQT%2BATbJgzUysHOGytzCGm%2FfSO%2BXzCr8sOrwtM4W3kUNU%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,83c9fe75a35a85db66f3e13cd5d90d35edb2928685a2acd222833b280912c95d last-modified Fri, 12 Oct 2018 20:13:00 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869416997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t9000000006f00000000035mg ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	google-maps-builder.min.js Show response www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/assets/js/frontend/	6 KB 2 KB	181ms 179ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/google-maps-builder-pro/assets/js/frontend/google-maps-builder.min.js?ver=2.1.2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb7ed95e3035af68a00ec8bd014391424483192731526884fd211f083008d81c Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bc1004d-1694" age 1198155 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91d2DeYKsyfiWLrEVnWDGIroWIfRnzEpjmdMiyH0qD96JzqgzMO5X49DA4uAHYFM3QvaHy8xK%2FlEjaolzU0c7IIyWw73wWprfOgPuNKKzZt3QetUNg80FrVQ%2F39Nb9c%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,8f8406dc1e5d4b5e02f2becfc45e87eaceeba75cb9cade6738bd1e5e5d038ca3 last-modified Fri, 12 Oct 2018 20:13:01 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869436997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9b4qzwl88mavy71rs00000006p00000000192a5 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	enlighterjs.min.js Show response www.aon.com/cyber-solutions/wp-content/plugins/enlighter/cache/	57 KB 17 KB	145ms 142ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=bv28sNlTDHXJCX5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e0c4a1ed3d232553d98c82ea0e04cee8975d0a67df819e161f96e7c32179e8c Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"60e47e2c-e33f" age 408000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FaMVPmtywoG4TVkUj%2Fok547aQBaBDoZ8xTSQeX5PecEx9mmx3cI9IXQ1UCvFxNl2W5Im5LZuS%2B2gwgLL0h%2B0bhjPEVlpnYFLTVv1KgUmPqqHyOf6ja7t3GSNsQ3WkQew2KydQd0oxUrGyk%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,511ca7491726a5ab21a56d840018ab4bfc31910bd9114b242ccbfb4f65c37201 last-modified Tue, 06 Jul 2021 16:00:44 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869446997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9b9hvqrxv8aug3wz8000000028000000001cczy ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	full-screen-search.js Show response www.aon.com/cyber-solutions/wp-content/plugins/full-screen-search-overlay/assets/js/	1 KB 950 B	159ms 156ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/plugins/full-screen-search-overlay/assets/js/full-screen-search.js?ver=1.0.0 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2eafb3077bca876c91f25546ac0487995e748d61ef6fb649305ff619cc43550 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"5bad46af-50a" age 410227 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9UIRw1uy2dJ3rpYaIR6kTHtdAYB2wUug5r%2BivOTI7%2BK1xcZi3tHlR2X9hAf7tb4lc7y66uhR7hQRqsCXYnYkNObQVCeXhwDRRJGJKIMYFiEDTa1Tx%2B2H%2B051N7UkfE%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,ad2b1f34b3529f73a074a3b44e4718bebc1fe1b52294c359f4bddb3cfdf079e1 last-modified Thu, 27 Sep 2018 21:07:59 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477869466997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9blzxgl97af9sur5n00000006fg00000000b6h1 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET		1699125c-b175-43d4-b277-8a23037cca45 https://www.aon.com/ Frame	0 0
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 45 B	57ms 25ms	XHR application/json	172.217.18.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyDimZKz6nz_uv5lJrzGrl_bTTq3sxDi-NI&language=en&ver=6.4.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f10.1e100.net Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control private access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip x-content-type-options nosniff access-control-allow-origin https://www.aon.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 date Sun, 03 Nov 2024 09:18:49 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN
GET H2	200	gtm.js Show response metrics.aon.com/	612 KB 178 KB	375ms 308ms	Script application/javascript	2606:4700:4400::ac40:9a5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metrics.aon.com/gtm.js?id=GTM-T26JDR Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:9a5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eacfab81d038d26f198b6ab67f7a3891501394af148ae77ac167730697d64c57 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=0 cache-control public, max-age=14400 content-encoding gzip cf-cache-status MISS via 1.1 google cf-ray 8dcb4778dda09f2d-FRA expires Sun, 03 Nov 2024 13:18:50 GMT date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding server cloudflare last-modified Sun, 03 Nov 2024 09:00:00 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/	547 KB 217 KB	65ms 25ms	Script text/javascript	216.58.212.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f3.1e100.net Software sffe / Resource Hash 5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.aon.com Referer https://www.aon.com/ Response headers content-encoding gzip age 56407 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Sun, 02 Nov 2025 17:38:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 17:38:42 GMT last-modified Tue, 22 Oct 2024 00:01:33 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 222594 x-xss-protection 0 server sffe
GET H2	200	constellation-flat.png www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/images/	185 KB 186 KB	1240ms 1240ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/images/constellation-flat.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3c7b01a53b5bf65582d1fbe1f50abc244d5b92c0c39eece6156ed5aac84c5be Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5c0e7c91-2e3bc" age 413939 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyGZJRPsAu6DFHv9pYLOJzP24HJH5ODPhwNLZUekcABS5UMwuXtnYckuNtij60RbMpUYajBHbl4s7Gt0Xyc457hO1KrNNLaLSuhi1WfDoGjS9wRmRdHA13cLGFQtHAM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:50 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,67b6296bb93451ed6907bb12a9a105c8eab5139291cace8e5bd9a76870ae3766 last-modified Mon, 10 Dec 2018 14:47:45 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899686997-FRA accept-ranges bytes access-control-allow-origin * content-length 189372 x-azure-ref 20241103T091849Z-176c968bf9bv67j6cty8sw7m1400000007100000000136hn ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	preloslab-light-webfont.woff2 www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/fonts/	21 KB 21 KB	145ms 144ms	Font font/woff2	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/fonts/preloslab-light-webfont.woff2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/style.css?ver=2.6.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ced2fa7b2e920f8aa226ca060593e75e52e18c4587a86470eea492a1e120cebc Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.aon.com Referer https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/style.css?ver=2.6.0 Response headers cf-cache-status DYNAMIC etag "5bb67df8-5374" age 118331 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWJjWJOvWohhcbPXsXHkMgjHH4crHqiRxUjwulLK6Nhv3%2F%2BggHy9DMlcgmXtfqG1YeWit3epLB%2BxYgwyxC9j7TBuLG6ZJhYUwYWJnrQzJbrqUrGRyJ2T9D3%2B1dAIdnU%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type font/woff2 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,e2ca2d8efa77a330aa13ff59a3da2e9f8c247840df8cbc9038ea3ea1a5921831 last-modified Thu, 04 Oct 2018 20:54:16 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899696997-FRA accept-ranges bytes access-control-allow-origin * content-length 21364 x-azure-ref 20241103T091849Z-176c968bf9bjb7q55vyu428vq400000004q000000001hsgu ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	preloslab-bold-webfont.woff2 www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/fonts/	21 KB 21 KB	153ms 153ms	Font font/woff2	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/fonts/preloslab-bold-webfont.woff2 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/style.css?ver=2.6.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e70bc1c20985dcf039283ed3f089b42b55acd9affe1774dda7a7c176f3e731b4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.aon.com Referer https://www.aon.com/cyber-solutions/wp-content/themes/genesis-sample/style.css?ver=2.6.0 Response headers cf-cache-status DYNAMIC etag "5bb67df9-53dc" age 907101 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1ID%2BtCSDftDEwGQCZk044E3a7N15tiLXiqH0k59ndc8uC4Crw9jVQeOh5wJ3OlLInqVO5KpZxW%2FSbwC6ldPDBbiIhSwUsd%2FhSDC3jUXs5jrhbzgz%2BkW45C9%2FeQKfBM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type font/woff2 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,058deb5d3c62f32925873ab07ee5fffaa14c792344df7cc9e31f540823818a2f last-modified Thu, 04 Oct 2018 20:54:17 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4778996a6997-FRA accept-ranges bytes access-control-allow-origin * content-length 21468 x-azure-ref 20241103T091849Z-176c968bf9bhcqz5qw5gvv7xxn00000006p000000000vgp4 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	new-aon-logo.svg www.aon.com/cyber-solutions/wp-content/uploads/	615 B 0	0ms 0ms	Image image/svg+xml	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/new-aon-logo.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65f3429e77489962ee72bd6d65eb31089edaa8a3f213de3cc78826b15048543f Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"63e16dfa-267" age 341878 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8PmZMuOrP9WYwfvcV1v0WAoBjNte%2FIqD6rIlgE7utAdIeXdbEOoEnXDqT3sU3fczyyEEj%2FumFkWVlZBID3chfdW4NmbiMvIyRRful3hO70xKVUvzQtg2TbuhlnqtkA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/svg+xml ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,35e0d2e8ddf4e37673c1e25dbcf1e98abe75ccc3bc5eb51a08f4057b550e9bea last-modified Mon, 06 Feb 2023 21:15:38 GMT cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb47763f476997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-176c968bf9bf2vn207w3s18t900000000690000000018hm2 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	facebook_final_aon.png www.aon.com/cyber-solutions/wp-content/uploads/	1 KB 0	50ms 50ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/facebook_final_aon.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71ea5c8225bb14bfd85a4af89237dc9c5fe6bbfc1db0f29d901209d15465948b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4be0c-432" age 247540 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2Br%2FuJcEKchMI8FWEzio6MiJgqAheUvtvvMkb8AUGEJzWbNDZFMm%2Ba4cc970MhaNKMkgG4Xg7lU4cBjNfp8SvRTQFPfkBdj9jyUycEIhKAQUYnvaCfdPZtdKly7tznaKBBpiM6IlYQaysXM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,9a9fe038608ef541e260a6e13c6dd64c99add1713bcaf63c99f61443d3a01b38 last-modified Mon, 15 Oct 2018 16:19:24 GMT cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899646997-FRA accept-ranges bytes access-control-allow-origin * content-length 1074 x-azure-ref 20241103T091849Z-r1687d95c998hfvd8xzuqw01h40000000bc0000000003873 ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	twitter_final_aon.png www.aon.com/cyber-solutions/wp-content/uploads/	2 KB 0	104ms 104ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/twitter_final_aon.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36ef11ae4a6a93b7d4aa66974e285ee8c6a0c73df88d69bba7d0121cd1d3ee6b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4be24-794" age 1141158 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNGD%2B2b357VIyj2nVw%2FUdrjmnyX7BA3V6pIvqs7mOyCdr4B%2BFhBOk9yEZ9PAxynlabpApyNY9P0%2BSQDnTqg%2BHe8IVpHiaGeW5xDhq7cWxVp7oH5l%2FOh7kCDwP5dq%2B0A%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,2a042f2ad83db90cb3cf39cbfe3934a424088fb216852337e77c38125e6d9e9a last-modified Mon, 15 Oct 2018 16:19:48 GMT cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899656997-FRA accept-ranges bytes access-control-allow-origin * content-length 1940 x-azure-ref 20241103T091849Z-r1687d95c99t2jff3kv1qzt5fs0000000csg000000003dhg ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	linkedin_final_aon.png www.aon.com/cyber-solutions/wp-content/uploads/	1 KB 0	131ms 131ms	Image image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/linkedin_final_aon.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c47c88902d076b897d10b41d9a014c6168a542e9545652f40e05ba98ee57e0e4 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4be17-563" age 417768 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZqZJaGOtD8UyPJdG23nM6E2hNPY9Q16xGM12yh3xYWkzlGOYMKzFHHKjaHsT9UGns4ZwOcwZtL879wvOZST8Gjmg5kOMEoYpSz9W1b1Sesgf2A0kLY1rcZo%2F7eE7bM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,deb855990d80578b4a2ffb7f3c297a10ab02e6dd7dcc953b33e372d79df4c2b5 last-modified Mon, 15 Oct 2018 16:19:35 GMT cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb477899666997-FRA accept-ranges bytes access-control-allow-origin * content-length 1379 x-azure-ref 20241103T091849Z-r1687d95c99sjvlxqy0h78fyds000000092g0000000048zr ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	79ms 14ms	Script application/javascript	2a02:26f0:3500:10::210:a99 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control max-age=78758 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 14628 date Sun, 03 Nov 2024 09:18:49 GMT last-modified Thu, 22 Aug 2024 10:43:55 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H2	200	lftracker_v1_bElvO73AzNbaZMqj.js Show response sc.lfeeder.com/	31 KB 11 KB	195ms 142ms	Script application/javascript	2600:9000:2250:d200:4:d7e1:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_bElvO73AzNbaZMqj.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8124c3e6d1d3398542fd41b5adf0d1f5655f66dc49b178e9a2bc6fee820a3770 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers vary accept-encoding, Origin cache-control max-age=3600 content-encoding gzip x-amz-version-id 1Olyy.bdvLix70aHclUWv.5Bj_TFf8Ap etag W/"bd7c5222f8e6f62ad164747de56b4c52" cross-origin-resource-policy cross-origin via 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront) x-cache RefreshHit from cloudfront x-amz-cf-id XESxXCBziNylR_xsde6VkZkAAjMiut66I4rrGuCB-PlDQYTqVrTn0A== date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript last-modified Wed, 09 Oct 2024 07:19:22 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-server-side-encryption AES256
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 818 B	177ms 116ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Referer https://www.aon.com/ Response headers x-li-pop afd-prod-lva1-x content-encoding gzip x-fs-uuid 000625fea7f31a4c2d56ced568543e39 x-msedge-ref Ref A: 9536BC396BF54DDF90D149DAC7F4C647 Ref B: AMS04EDGE2015 Ref C: 2024-11-03T09:18:49Z x-li-fabric prod-lva1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYl/qfzGkwtVs7VaFQ+OQ== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&e_ipv6=AQIz...	0 265 B	163ms 104ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&e_ipv6=AQIzh21M2PjZ8AAAAZLxUehMRrElzMHImV0bvaBtil73eTLg1lZvRkjb3y1UoxVszz9tle1rIA Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 872600C1AF614BCC818E1674BB5763E7 Ref B: FRAEDGE1507 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-lva1 x-li-uuid AAYl/qf14khuu9uObnAf5A== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-lva1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625529790&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&e_ipv6=AQIzh21M2PjZ8AAAAZLxUehMRrElzMHImV0bvaBtil73eTLg1lZvRkjb3y1UoxVszz9tle1rIA x-msedge-ref Ref A: DB8BF35D5DEC44AC9EDA2FB6437FD8C3 Ref B: DUS30EDGE0814 Ref C: 2024-11-03T09:18:49Z x-li-fabric prod-lva1 x-li-uuid AAYl/qfzMP7VkqJW9B11LQ== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 03 Nov 2024 09:18:49 GMT
GET H2	200	wp-emoji-release.min.js Show response www.aon.com/cyber-solutions/wp-includes/js/	18 KB 5 KB	63ms 63ms	Script application/javascript	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-includes/js/wp-emoji-release.min.js?ver=6.4.5 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers content-encoding gzip cf-cache-status DYNAMIC etag W/"65afba03-4904" age 2019833 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lvMwibOA4DxuEhizDyR2JwvAOCElPS9Wm0t%2FS%2FfflUEA7wwc%2BIr0a6QwiBx4QgGI2VmJJUGOnEXr9Z4lZVpr7XdmsxkFBt60wDhPC7aV92CWgFysKt3HmSHAaCTvgz%2BFO5ojJ%2BgGZ6rg8o%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=UTF-8 ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,9af9f1734277d83a4ca89b32f15ff3688e84620d9a21b6dae8a81972a2bf6586 last-modified Tue, 23 Jan 2024 13:07:15 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb4779ea3e6997-FRA access-control-allow-origin * x-azure-ref 20241103T091849Z-r1687d95c992dtqhssckfyqyuc0000000at000000001qrns ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H/1.1	200 OK	elqCfg.min.js Show response img.en25.com/i/	6 KB 3 KB	59ms 17ms	Script application/x-javascript	184.25.216.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/i/elqCfg.min.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-216-9.deploy.static.akamaitechnologies.com Software / Resource Hash 3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers X-Robots-Tag noindex, nofollow Content-Encoding gzip ETag "5fbd42741dd4da1:0" X-Content-Type-Options nosniff Expires Sun, 03 Nov 2024 09:18:49 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Date Sun, 03 Nov 2024 09:18:49 GMT Content-Type application/x-javascript Last-Modified Fri, 12 Jul 2024 05:36:33 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains; preload Cache-Control no-store Pragma no-cache Connection keep-alive Accept-Ranges bytes Content-Length 2183 X-XSS-Protection 1; mode=block
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 1B29	0 0	68ms 41ms	Document text/html	172.217.18.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcm7AsTAAAAAMT6rScFmPX_TGCHvG5LVMhKUZ01&co=aHR0cHM6Ly93d3cuYW9uLmNvbTo0NDM.&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=hxdv9bw6yv8u Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5YsFWm0nZtlfnnV_72_J5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.aon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-5YsFWm0nZtlfnnV_72_J5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Sun, 03 Nov 2024 09:18:49 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	svrGP.aspx s362693299.t.eloqua.com/visitor/v200/ Redirect Chain https://s362693299.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=362693299&ref2=elqNone&tzo=-60&ms=973&optin=disabled https://s362693299.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elqCookie=1	49 B 448 B	161ms 161ms	Image image/gif	192.29.66.104 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://s362693299.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elqCookie=1 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol HTTP/1.1 Server 192.29.66.104 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Robots-Tag noindex, nofollow Cache-Control no-store Pragma no-cache X-Content-Type-Options nosniff Expires -1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Length 49 X-Xss-Protection 1; mode=block Date Sun, 03 Nov 2024 09:18:49 GMT Content-Type image/gif Redirect headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Robots-Tag noindex, nofollow Cache-Control no-store Location https://s362693299.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elqCookie=1 Pragma no-cache X-Content-Type-Options nosniff Expires -1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Length 274 X-Xss-Protection 1; mode=block Date Sun, 03 Nov 2024 09:18:49 GMT Content-Type text/html; charset=utf-8
GET H2	200	/ tr-rc.lfeeder.com/	43 B 338 B	94ms 59ms	Image image/gif	18.245.46.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr-rc.lfeeder.com/?sid=bElvO73AzNbaZMqj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42NC4xIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5hb24uY29tL2N5YmVyLXNvbHV0aW9ucy9hb25fY3liZXJfbGFicy9kaXNzZWN0aW9uLW9mLW1ha29wLXJhbnNvbXdhcmUtZ3JvdXAvIiwicGFnZVRpdGxlIjoiRGlzc2VjdGlvbiBvZiBNYWtvcCBSYW5zb213YXJlIEdyb3VwIHwgQW9uIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI0ODBiZDUzNTA0MmNjZWFkIiwic2NyaXB0SWQiOiJiRWx2TzczQXpOYmFaTXFqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS42Yzg5MjQwNmEwOTc5OWMxLjE3MzA2MjU1MzAwMzUiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-110.fra56.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cross-origin-resource-policy cross-origin via 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront) x-cache LambdaGeneratedResponse from cloudfront content-length 43 x-amz-cf-id 2th3GvxQKvKbdHEeyzlwHEAO5S4aMaFO2AOxITTcY7OVsuFnsyOz2Q== date Sun, 03 Nov 2024 09:18:50 GMT content-type image/gif x-amz-cf-pop FRA56-P9 server CloudFront vary Origin
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 193 B	112ms 112ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.aon.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 1FEF7084A1174E08A182B219AF4B4C6E Ref B: DUS30EDGE0814 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-lva1 access-control-allow-credentials true x-li-uuid AAYl/qf315rbRczJo4YV8g== x-li-proto http/2 access-control-allow-origin https://www.aon.com x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT vary Origin
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	22 KB 7 KB	21ms 21ms	Script application/javascript	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 qVqAwzZMp5y69q24H0KNhg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCFAE4A54821C4 x-ms-lease-status unlocked cf-cache-status HIT age 20054 x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript last-modified Sat, 02 Nov 2024 02:18:31 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id e6162d8b-a01e-00e4-3b43-2d8080000000 cf-ray 8dcb477c2c221903-FRA accept-ranges bytes access-control-allow-origin * content-length 7212 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 90 KB	74ms 33ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-856047926&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6dd1ebb37b56a70e39cdacf7fbaef7d53ebab577563d00b449720d39d98010f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sun, 03 Nov 2024 09:18:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 03 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 91123 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 89 KB	94ms 54ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-759286473&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 52f153c7198aa8278ef7afc11aabb34a4b672030971a87f65a3db3770fefc8aa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sun, 03 Nov 2024 09:18:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 03 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 91122 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response metrics.aon.com/gtag/	390 KB 145 KB	276ms 276ms	Script application/javascript	2606:4700:4400::ac40:9a5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metrics.aon.com/gtag/js?id=G-S2CXP61BY4&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:9a5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2192d5760d1f53b4bf69b2b083291bd637ebc4ea561eeb60466749fb6cffcdb2 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=0 cache-control private, max-age=900 content-encoding gzip cf-cache-status DYNAMIC via 1.1 google cf-ray 8dcb477c38b29f2d-FRA expires Sun, 03 Nov 2024 09:33:17 GMT date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H2	200	bat.js Show response bat.bing.com/	50 KB 15 KB	75ms 30ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "028e0691d20db1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 351BA5DD45224DF7937CB4EC1C72AF78 Ref B: FRA31EDGE0409 Ref C: 2024-11-03T09:18:50Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 14570 date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript last-modified Wed, 16 Oct 2024 22:47:44 GMT vary Accept-Encoding
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 643 B	147ms 147ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Referer https://www.aon.com/ Response headers x-li-pop afd-prod-ltx1-x content-encoding gzip x-fs-uuid 000625fea7f998183f99e271a36d88d5 x-msedge-ref Ref A: FF57ACE5AB634138924AE9180BC7208E Ref B: AMS04EDGE2015 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-ltx1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYl/qf5mBg/meJxo22I1Q== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/json access-control-allow-headers *
GET H2	200	destination Show response www.googletagmanager.com/gtag/	244 KB 87 KB	124ms 91ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-1020826298&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b457bf0d5a16cbd0f6df4469ab1f98ee3de5974bf8879ee23b105f5409e5e787 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Sun, 03 Nov 2024 09:18:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 03 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89389 x-xss-protection 0 server Google Tag Manager
GET H2	200	uwt.js Show response static.ads-twitter.com/	57 KB 16 KB	55ms 14ms	Script application/javascript	199.232.188.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers vary Accept-Encoding,Host cache-control no-cache content-encoding gzip etag "4328e910de583ad53b3a7a76455af005+gzip+gzip" accept-ranges bytes x-cache HIT, HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-length 15926 date Sun, 03 Nov 2024 09:18:50 GMT x-tw-cdn FT last-modified Tue, 29 Oct 2024 00:10:26 GMT content-type application/javascript; charset=utf-8 x-served-by cache-iad-kiad7000084-IAD, cache-muc13948-MUC x-amz-server-side-encryption AES256
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 463 B	153ms 153ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Referer https://www.aon.com/ Response headers x-li-pop afd-prod-ltx1-x content-encoding gzip x-fs-uuid 000625fea7f99e4393b82fbb202ab945 x-msedge-ref Ref A: DFE33CEF9F8C452D9094ED777E283654 Ref B: AMS04EDGE2015 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-ltx1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYl/qf5nkOTuC+7ICq5RQ== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/json access-control-allow-headers *
GET H2	200	destination Show response www.googletagmanager.com/gtag/	249 KB 89 KB	98ms 68ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-856047926&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2ddf30d6d85ed69af8538bfa77680f2661370e47373b115bb5ed244c3bd04dce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Sun, 03 Nov 2024 09:18:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 03 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 91218 x-xss-protection 0 server Google Tag Manager
GET H2	200	destination Show response www.googletagmanager.com/gtag/	249 KB 89 KB	76ms 46ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-759286473&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1ed31a5b2c0df34ba7c4d45890670e516ab8036030feba86699cf2061e7bbc30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Sun, 03 Nov 2024 09:18:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 03 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 91217 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	30 KB 10 KB	61ms 15ms	Script application/x-javascript	23.213.165.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/cp/obtp.js Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-149.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash f76bcf5ed9ce17975c95265a4a56ea171b80d6530564b86936ab1da6bdccfd3b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers Cache-Control max-age=1200 Content-Encoding gzip ETag "41e730392bc1cbca795ee81659f83e27:1730623230.160237" Connection keep-alive Expires Sun, 03 Nov 2024 09:38:50 GMT Accept-Ranges bytes X-CC DE Content-Length 9303 X-RG EU Date Sun, 03 Nov 2024 09:18:50 GMT Content-Type application/x-javascript Last-Modified Sun, 03 Nov 2024 08:37:20 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H2	200	gtm.js Show response metrics.aon.com/	574 KB 156 KB	664ms 664ms	Script application/javascript	2606:4700:4400::ac40:9a5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metrics.aon.com/gtm.js?id=GTM-P4L86LB&l=dataLayer&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtm.js?id=GTM-T26JDR Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:9a5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fba63fc289644e53d0beddd45adc91fea5f73bea21eb3b9a8838366f377ee70 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=0 cache-control public, max-age=14400 content-encoding gzip cf-cache-status MISS via 1.1 google cf-ray 8dcb477c38c09f2d-FRA expires Sun, 03 Nov 2024 13:18:50 GMT date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding server cloudflare last-modified Sun, 03 Nov 2024 09:00:00 GMT
GET H/1.1	200 OK	elqCfg.min.js Show response img.en25.com/i/	6 KB 3 KB	19ms 19ms	Script application/x-javascript	184.25.216.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/i/elqCfg.min.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-216-9.deploy.static.akamaitechnologies.com Software / Resource Hash 3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers X-Robots-Tag noindex, nofollow Content-Encoding gzip ETag "5fbd42741dd4da1:0" X-Content-Type-Options nosniff Expires Sun, 03 Nov 2024 09:18:50 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Date Sun, 03 Nov 2024 09:18:50 GMT Content-Type application/x-javascript Last-Modified Fri, 12 Jul 2024 05:36:33 GMT Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains; preload Cache-Control no-store Pragma no-cache Connection keep-alive Accept-Ranges bytes Content-Length 2183 X-XSS-Protection 1; mode=block
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_...	0 146 B	105ms 104ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_ipv6=AQJ9HWON-_sdAAAAAZLxUensw5n63-2q-tkslrtxzgjcpYByxrY7NidHNKzkAjA4CNHn8_z11A Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: B89CEF86AFFE4EDF8F8BDCD8E75BE967 Ref B: FRAEDGE1507 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-lva1 x-li-uuid AAYl/qf8Ob9CwfdxuNVLrA== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-lva1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1260122&time=1730625530269&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_ipv6=AQJ9HWON-_sdAAAAAZLxUensw5n63-2q-tkslrtxzgjcpYByxrY7NidHNKzkAjA4CNHn8_z11A x-msedge-ref Ref A: 109673B621D34D7D9380BE3DDF57EA26 Ref B: DUS30EDGE0814 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-lva1 x-li-uuid AAYl/qf5ow8y2PmtDf0R9Q== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 03 Nov 2024 09:18:49 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&t...	0 144 B	120ms 120ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_ipv6=AQKLnUsLG85i9QAAAZLxUenrcm7R-ndmC4rBHtoHarUY2x_rMIPxM2tsKidcf8K2LlgCLBmmGg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: EA98060A367541ED9966F2897DB1EDAB Ref B: FRAEDGE1507 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-lva1 x-li-uuid AAYl/qf7h9+nZkMtM73Yfw== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-lva1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1377444%2C1260122&time=1730625530270&url=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tm=gtmv2&e_ipv6=AQKLnUsLG85i9QAAAZLxUenrcm7R-ndmC4rBHtoHarUY2x_rMIPxM2tsKidcf8K2LlgCLBmmGg x-msedge-ref Ref A: 6C440C3D098C4CE7AC06483DF8556ACB Ref B: DUS30EDGE0814 Ref C: 2024-11-03T09:18:50Z x-li-fabric prod-lva1 x-li-uuid AAYl/qf5o4/bcrL6/MligQ== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 03 Nov 2024 09:18:49 GMT
GET H/1.1	200 OK	svrGP.aspx s362693299.aon.com/visitor/v200/ Redirect Chain https://s362693299.aon.com/visitor/v200/svrGP?pps=3&siteid=362693299&ref=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&ref2=elqNone&tzo=-60&... https://s362693299.aon.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&ref2=elqNone&tzo...	49 B 504 B	134ms 134ms	Image image/gif	192.29.70.228 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://s362693299.aon.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elq1pcGUID=35867FE83168404CB158AE8BBA3568CA Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol HTTP/1.1 Server 192.29.70.228 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers X-Robots-Tag noindex, nofollow Cache-Control no-store Pragma no-cache X-Content-Type-Options nosniff Expires -1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Length 49 X-Xss-Protection 1; mode=block Date Sun, 03 Nov 2024 09:18:49 GMT Content-Type image/gif Redirect headers X-Robots-Tag noindex, nofollow Cache-Control no-store Location https://s362693299.aon.com/visitor/v200/svrGP.aspx?pps=3&siteid=362693299&ref=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&ref2=elqNone&tzo=-60&ms=973&optin=disabled&elq1pcGUID=35867FE83168404CB158AE8BBA3568CA Pragma no-cache X-Content-Type-Options nosniff Expires -1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Length 412 X-Xss-Protection 1; mode=block Date Sun, 03 Nov 2024 09:18:49 GMT Content-Type text/html; charset=utf-8
GET H2	200	3efff794.min.js Show response tag.demandbase.com/	60 KB 17 KB	35ms 10ms	Script application/javascript	18.245.46.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.demandbase.com/3efff794.min.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-22.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b08a395ec9eb36f0112e7bc45af7a97923503c9544dac72c93f027d5ef684e84 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding gzip x-amz-version-id 381MRWbg1NHiGz9aREbxEqBkAzilCUis etag W/"906e7f923d33c23320e3013e0c15cd7a" age 3575 x-cache Hit from cloudfront x-amz-cf-id c0IL7KA-7rznIj4w09pbMAeYoNimGWYiJrTaXBudNtdiRuSiLddKtw== date Sun, 03 Nov 2024 08:20:33 GMT content-type application/javascript; charset=utf-8 vary accept-encoding last-modified Thu, 08 Aug 2024 19:46:00 GMT strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=3600 via 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront) permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() x-amz-cf-pop FRA56-P9 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	00db5e7f-3e2d-4e3a-9090-c226ff90e4d1.json Show response cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/	10 KB 3 KB	51ms 31ms	XHR application/json	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1780f6828e8f780c3df4310a360ab3948d4547dd18ff0b8fa72a8014377dbfa8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 X/eMumIlhrPLEg8ugRVReg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status HIT etag 0x8DC65124C182D7A age 47691 x-ms-lease-status unlocked x-content-type-options nosniff x-ms-version 2009-09-19 expires Mon, 04 Nov 2024 09:18:50 GMT date Sun, 03 Nov 2024 09:18:50 GMT content-type application/json last-modified Thu, 25 Apr 2024 10:27:24 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id c96607c6-801e-0059-034c-26960c000000 cf-ray 8dcb477caf9c975f-FRA accept-ranges bytes access-control-allow-origin * content-length 2378 x-ms-blob-type BlockBlob server cloudflare
GET H3	200	bframe www.google.com/recaptcha/api2/ Frame 60FE	0 0	27ms 27ms	Document text/html	172.217.18.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Lcm7AsTAAAAAMT6rScFmPX_TGCHvG5LVMhKUZ01 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mj1TnDn2RkWoSiR8KuwuMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.aon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-mj1TnDn2RkWoSiR8KuwuMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Sun, 03 Nov 2024 09:18:50 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET		adsct t.co/i/	0 0
GET		adsct analytics.twitter.com/i/	0 0
GET H/1.1	200 OK	0011c4237e728be48402bcca51bf32e7e7 Show response wave.outbrain.com/mtWavesBundler/handler/	3 KB 2 KB	54ms 8ms	Script text/html	23.213.165.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://wave.outbrain.com/mtWavesBundler/handler/0011c4237e728be48402bcca51bf32e7e7 Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-149.deploy.static.akamaitechnologies.com Software / Resource Hash 6f1faa08ae6554bd1501927f96dc7836b58d2795ad60cac26127104529f4f1f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload Cache-Control max-age=60 ob-sent-time 1730580313220 Content-Encoding gzip ETag W/"cf7-N7uLweiGwW4XTVXx2sxnZX6ocOo" Connection keep-alive Expires Sun, 03 Nov 2024 09:19:50 GMT Access-Control-Allow-Origin * X-CC DE Content-Length 1504 X-RG EU Date Sun, 03 Nov 2024 09:18:50 GMT Content-Type text/html; charset=utf-8 Vary Accept-Encoding x-traceid c267bf951c2c033b4e50b8ec849effb9
GET H/1.1	200 OK	topics Show response amplify.outbrain.com/	26 B 301 B	25ms 9ms	Fetch text/html	23.213.165.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/topics Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-149.deploy.static.akamaitechnologies.com Software / Resource Hash 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers Cache-Control max-age=1200 Connection keep-alive Observe-Browsing-Topics ?1 Expires Sun, 03 Nov 2024 09:38:50 GMT Access-Control-Allow-Origin * X-CC DE Content-Length 26 X-RG EU Date Sun, 03 Nov 2024 09:18:50 GMT Content-Type text/html
GET H/1.1	200 OK	unifiedPixel Show response tr.outbrain.com/	53 B 321 B	335ms 89ms	Fetch image/gif	70.42.32.127 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/unifiedPixel?au=false&bust=02430760610231426&referrer=&cht=gtm&marketerId=0011c4237e728be48402bcca51bf32e7e7&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&g=0&zone=euZone1&obApiVersion=2.0-gtm&obtpVersion=2.0.5 Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache content-length 54 content-encoding br date Sun, 03 Nov 2024 09:18:50 GMT content-type image/gif; x-traceid 0814fdf676ee5088ee5078b415996e85
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 293 B	339ms 93ms	Script application/javascript	70.42.32.127 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/cachedClickId?marketerId=0011c4237e728be48402bcca51bf32e7e7 Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-length 39 content-encoding br date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript x-traceid 176ba4545dab23d8db31e2751a898392
GET H2	200	13002250.js Show response bat.bing.com/p/action/	362 B 416 B	39ms 39ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/13002250.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 008393E0E5B740BCADE39A801EE00209 Ref B: FRA31EDGE0409 Ref C: 2024-11-03T09:18:50Z x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	49ms 20ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 accept application/json Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip access-control-allow-methods GET, OPTIONS cf-ray 8dcb477d0aa5d40e-FRA access-control-allow-origin * date Sun, 03 Nov 2024 09:18:50 GMT content-type application/json vary Accept-Encoding server cloudflare access-control-allow-headers Content-Type
GET H2	200	sync s.company-target.com/s/ Frame CA99	0 0	149ms 105ms	Document text/html	34.96.71.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://s.company-target.com/s/sync?exc=lr Requested by Host: tag.demandbase.com URL: https://tag.demandbase.com/3efff794.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.71.96.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.aon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-methods GET,OPTIONS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 634 content-type text/html; charset=UTF-8 date Sun, 03 Nov 2024 09:18:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google
GET H2	451	464526.gif id.rlcdn.com/	0 98 B	89ms 34ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/464526.gif Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Sun, 03 Nov 2024 09:18:50 GMT
POST H2	401	ip.json Show response api.company-target.com/api/v3/	12 B 506 B	154ms 121ms	XHR text/plain	18.66.102.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&page_title=Dissection%20of%20Makop%20Ransomware%20Group%20%7C%20Aon Requested by Host: tag.demandbase.com URL: https://tag.demandbase.com/3efff794.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-98.fra56.r.cloudfront.net Software nginx / Resource Hash d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://www.aon.com/ Response headers access-control-max-age 7200 access-control-expose-headers access-control-allow-methods GET, POST, OPTIONS x-content-type-options nosniff request-id 68b1b5eb-0bf2-4ea0-a07f-e4a74292accc x-cache Error from cloudfront x-amz-cf-id 8II1kHVC7jT2CNnxulM7jhWU2VOv1nNUWw7g_TwOZlIscOYY6J_JVA== date Sun, 03 Nov 2024 09:18:50 GMT content-type text/plain;charset=utf-8 vary Origin www-authenticate DemandBase API access-control-allow-credentials true via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) access-control-allow-origin https://www.aon.com content-length 12 x-amz-cf-pop FRA56-P2 server nginx
POST H2	204	0 bat.bing.net/actionp/	0 347 B	131ms 35ms	Ping text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.net/actionp/0?ti=13002250&tm=gtm002&Ver=2&mid=fb8399f4-a233-47cc-9480-a38614de0281&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F7907FBBF165480F85D674CCB93F4DA2 Ref B: AMS04EDGE1307 Ref C: 2024-11-03T09:18:50Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT
GET H2	204	0 bat.bing.net/action/	0 120 B	132ms 37ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.net/action/0?ti=13002250&tm=gtm002&Ver=2&mid=fb8399f4-a233-47cc-9480-a38614de0281&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Dissection%20of%20Makop%20Ransomware%20Group%20%7C%20Aon&kw=CyQu,%20Cyber%20Quotient%20Evaluation,%20Cyber%20Quotient%20Evaluation%20Enterprise,%20Cyber%20Maturity,%20Cyber%20Assessment%20Tools,%20CyQu%20Enterpise,%20Digital%20Forensics,%20Incident%20Response,%20Stroz%20Friedberg%20Incident%20Response,%20Stroz%20Friedberg%20Digital%20Forensics,%20Incident%20Response%20Retainer,%20Data%20Breach,%20Cyber%20Breach,%20Data%20Breach%20Response,%20Response%20to%20Data%20Breach,%20Data%20Breach%20Notification,%20eDiscovery,%20Cyber%20Risk,%20Cyber%20Security,%20Cybersecurity,%20Cyber%20Insurance,%20Cyber%20Insurance%20Coverage,%20Cyber%20Risk%20Quantification,%20Cyber%20Risk%20Assessment,%20Penetration%20Testing,%20Red%20Teaming,%20Application%20Testing,%20Cyber%20Impact%20Analysis,%20Cyber%20Security%20Consulting,%20Cyber%20Risk%20Analysis,%20Cyber%20Risk%20Management,%20Cyber%20Resilience,%20Computer%20Forensics,%20Data%20Breach%20Response%20Services,%20Incident%20Response%20Plan,%20Incident%20Response%20Planning,%20Data%20Security,%20Cyber%20Security%20Testing,%20Security%20Risk%20Assessment,%20Network%20Penetration%20Testing,%20Cyber%20Due%20Diligence,%20Cyber%20Risk%20Financing,%20Cyber%20Threat%20Simulation,%20CISO%20Advisory,%20Cyber%20Claims%20Management&p=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&r=&lt=1501&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=78629 Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3B22B4B95040480F9242FE0FB84C96EA Ref B: AMS04EDGE1307 Ref C: 2024-11-03T09:18:50Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:49 GMT
POST H3	200	collect www.google.com/ccm/	0 0	24ms 24ms	Ping text/plain	172.217.18.4 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1275181824.1730625530&auid=1716973921.1730625530&npa=1&gtm=45be4au0v897005529z871705441za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730625530426&tfd=2011&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-759286473&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202404.1.0/	448 KB 109 KB	34ms 34ms	Script application/javascript	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b2c8a628ac3cc142c26da2e866a563733b1c2268bffa281aaf5851b58efb6a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 OwLk2N0IZ0eq8ykUTltEhw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-lease-status unlocked cf-bgj minify cf-cache-status HIT x-ms-version 2009-09-19 age 23879 content-encoding gzip x-content-type-options nosniff cf-polished origSize=458456 date Sun, 03 Nov 2024 09:18:50 GMT content-type application/javascript last-modified Tue, 16 Jul 2024 21:54:14 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id b8648cb7-501e-00d3-1b82-252c2f000000 cf-ray 8dcb477d4d461903-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4al0/ Frame 897B	0 0	79ms 18ms	Document text/html	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.aon.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-759286473&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 321299 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Wed, 30 Oct 2024 16:03:51 GMT expires Thu, 30 Oct 2025 16:03:51 GMT last-modified Mon, 21 Oct 2024 16:58:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	en.json Show response cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/018e09c1-aca6-74ad-b298-035053852304/	83 KB 21 KB	28ms 26ms	Fetch application/json	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/018e09c1-aca6-74ad-b298-035053852304/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4226e373fd5ca008984879ad3346e132a4c25e9a45d2737c9b7adfc45dc4237 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 m78dZvcIdhze9uAbmid02g== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status HIT etag 0x8DC65126336BAA6 age 43867 x-ms-lease-status unlocked x-content-type-options nosniff x-ms-version 2009-09-19 expires Mon, 04 Nov 2024 09:18:50 GMT date Sun, 03 Nov 2024 09:18:50 GMT content-type application/json last-modified Thu, 25 Apr 2024 10:28:02 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 9a6ed761-501e-0097-5c4d-26f043000000 cf-ray 8dcb477de8a9975f-FRA accept-ranges bytes access-control-allow-origin * content-length 21074 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202404.1.0/assets/	13 KB 3 KB	21ms 21ms	Fetch application/json	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 wVmOcRQlphGKWcIXUwH+kQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E1D0E34137 x-ms-lease-status unlocked cf-cache-status HIT age 5541 x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type application/json last-modified Tue, 16 Jul 2024 21:54:07 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 65ee408d-601e-0094-6054-d8f344000000 cf-ray 8dcb477e28f6975f-FRA accept-ranges bytes access-control-allow-origin * content-length 3041 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/	63 KB 13 KB	26ms 25ms	Fetch application/json	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/otPcTab.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7465924993bbca3c35db5e27f00d48e1b718c7e82bf610926f9f388bfb13c2e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 qIGR8FqwQLz3zbm57Yj7eA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E1D26596C2 x-ms-lease-status unlocked cf-cache-status HIT age 4794 x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type application/json last-modified Tue, 16 Jul 2024 21:54:09 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 66e129d8-e01e-00e8-0357-d86e71000000 cf-ray 8dcb477e28f7975f-FRA accept-ranges bytes access-control-allow-origin * content-length 13627 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202404.1.0/assets/	24 KB 4 KB	27ms 27ms	Fetch text/css	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 906696b6eda58302976c520c1c37e981beb5e14702bd2445b987083bacb52116 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 4ErYmXXFNbMLrnc9DrDTsg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-lease-status unlocked cf-bgj minify cf-cache-status HIT x-ms-version 2009-09-19 age 563 content-encoding gzip x-content-type-options nosniff cf-polished origSize=24823 date Sun, 03 Nov 2024 09:18:50 GMT content-type text/css last-modified Tue, 16 Jul 2024 21:54:20 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id aab05536-301e-0100-70fd-d7d5df000000 cf-ray 8dcb477e28f8975f-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 600 B	20ms 20ms	Image image/svg+xml	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 pcXWFGpuVeSg/jVnYCseRg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 6703 content-encoding gzip x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type image/svg+xml last-modified Sat, 02 Nov 2024 02:18:37 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 812d9f92-a01e-0001-4157-2d9277000000 cf-ray 8dcb477e7e7c1903-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 490 B	20ms 20ms	Fetch image/svg+xml	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 tXyZydHjxQshFMbbBT1/8A== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 4794 content-encoding gzip x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type image/svg+xml last-modified Sat, 02 Nov 2024 02:18:37 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id c06a312b-501e-0097-6f39-2df043000000 cf-ray 8dcb477e8936975f-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	aon_logo_signature_red_rgb.png cdn.cookielaw.org/logos/3f996699-ab81-49df-b284-e640e5fe59d5/c8acab65-fb9f-4127-aac7-6867bd482c6a/2185d97a-9d51-4ce1-81d3-2eb52b72ab70/	14 KB 14 KB	24ms 23ms	Image image/png	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/3f996699-ab81-49df-b284-e640e5fe59d5/c8acab65-fb9f-4127-aac7-6867bd482c6a/2185d97a-9d51-4ce1-81d3-2eb52b72ab70/aon_logo_signature_red_rgb.png Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04aeb0ef3d0aac08d5ec07db8dc76db96eb5fddac66edddbaa4ab7494b88ba87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 /qnTnxY4JW68h85eWo7GKA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8DB6E67D0C0166F age 11059 cf-cache-status HIT x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type image/png last-modified Fri, 16 Jun 2023 12:47:16 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 0a21aedd-201e-004a-5ab2-129a0c000000 cf-ray 8dcb477e9eab1903-FRA accept-ranges bytes access-control-allow-origin * content-length 14058 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	25ms 24ms	Image image/svg+xml	2606:4700::6812:562a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-md5 Y+c301RBZNK39PvKQWrIBw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 58653 content-encoding gzip x-content-type-options nosniff date Sun, 03 Nov 2024 09:18:50 GMT content-type image/svg+xml last-modified Thu, 31 Oct 2024 19:22:08 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 111021d1-001e-0043-5a82-2cb963000000 cf-ray 8dcb477e9eae1903-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	collect Show response metrics.aon.com/g/	65 B 300 B	594ms 594ms	XHR text/plain	2606:4700:4400::ac40:9a5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metrics.aon.com/g/collect?v=2&tid=G-S2CXP61BY4&gtm=45he4au0v880546860z871705441za204zb71705441&_p=1730625529654&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1125914192.1730625531&ecid=59534266&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.tft=1730625529654&sst.ude=0&_s=1&dl=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&sid=1730625530&sct=1&seg=0&dt=Dissection%20of%20Makop%20Ransomware%20Group%20%7C%20Aon&en=page_view&_fv=1&_nsi=1&_ss=1&epn.custom_timestamp=1730625530266&tfd=2375&richsstsse Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtag/js?id=G-S2CXP61BY4&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:9a5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=0 cache-control no-cache content-encoding gzip cf-cache-status DYNAMIC access-control-allow-credentials true x-content-type-options nosniff via 1.1 google cf-ray 8dcb477f7ba49f2d-FRA access-control-allow-origin https://www.aon.com date Sun, 03 Nov 2024 09:18:51 GMT content-type text/plain vary Accept-Encoding server cloudflare
GET H2	200	collect Show response metrics.aon.com/g/	473 B 824 B	272ms 272ms	XHR text/plain	2606:4700:4400::ac40:9a5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metrics.aon.com/g/collect?v=2&tid=G-S2CXP61BY4&gtm=45he4au0v880546860z871705441za204zb71705441&_p=1730625529654&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1125914192.1730625531&ecid=59534266&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.tft=1730625529654&sst.ude=0&_s=2&dl=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&dr=&sid=1730625530&sct=1&seg=0&dt=Dissection%20of%20Makop%20Ransomware%20Group%20%7C%20Aon&en=unique_page_view&_c=1&epn.custom_timestamp=1730625530271&_et=2&tfd=2379&richsstsse Requested by Host: metrics.aon.com URL: https://metrics.aon.com/gtag/js?id=G-S2CXP61BY4&l=dataLayer&cx=c&sign=d2ae3095bdeef025fa40f8efc56993376477eace10627b334baefa8bb06cbb67_20241103 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:9a5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 789a20cead3f6b8bd875bee1e819d2f69a75b19d03bd7d0c1982993a5a314d52 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=0 cache-control no-cache content-encoding gzip cf-cache-status DYNAMIC access-control-allow-credentials true x-content-type-options nosniff via 1.1 google cf-ray 8dcb477f7bb09f2d-FRA access-control-allow-origin https://www.aon.com date Sun, 03 Nov 2024 09:18:51 GMT content-type text/plain vary Accept-Encoding server cloudflare
GET H2	204	register-conversion www.google-analytics.com/privacy-sandbox/	0 1 KB	75ms 24ms	Image text/plain	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=b1059b7d5c51a58a8e2136bb5b495a35f2b9b2eaa82c367e358258ed07e0afef&dbk=18081349458361969205&dma=1&dma_cps=syphamo&en=unique_page_view&gtm=45h91e4au1v880546860z871705441z9889604156za204zb71705441&npa=1&tid=G-S2CXP61BY4&dl=https%3A%2F%2Fwww.aon.com%3F Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache attribution-reporting-info preferred-platform=os cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0 attribution-reporting-register-os-trigger "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=b1059b7d5c51a58a8e2136bb5b495a35f2b9b2eaa82c367e358258ed07e0afef&dbk=18081349458361969205&dma=1&dma_cps=syphamo&en=unique_page_view&gtm=45h91e4au1v880546860z871705441z9889604156za204zb71705441&npa=1&tid=G-S2CXP61BY4&dl=https%3A%2F%2Fwww.aon.com%3F" expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 attribution-reporting-register-trigger {"aggregatable_trigger_data":[{"key_piece":"0x3b03c1d9f492a3b2","source_keys":["1"]},{"key_piece":"0xf06d6ac64a096708","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"18081349458361969205","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["1068780826","759286473","811559433","16558022252","856047926"],"5":["11-03","11-02","11-01"]}} date Sun, 03 Nov 2024 09:18:51 GMT content-type text/plain server Golfe2
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	19ms 9ms	Script application/x-javascript	157.240.253.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra5.fbcdn.net Software / Resource Hash 924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-aiEu5ZAz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 03 Nov 2024 09:18:51 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-aiEu5ZAz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4412, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug GR7mq7Tforbg7qxw6RIKH8bfIcbF2G8cBcql8YQRKe4PkqBQBZxXxnzSsAxflLWH5bDXhzXAcYLT15lgN7cfYg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62086 x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	2036939646567090 Show response connect.facebook.net/signals/config/	73 KB 15 KB	86ms 86ms	Script application/x-javascript	157.240.253.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2036939646567090?v=2.9.176&r=stable&domain=www.aon.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra5.fbcdn.net Software / Resource Hash c4825f8b434b549c7d6c128f7d167956faa24906dd0ca632b112cc1927fbd776 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dux86gSs' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 03 Nov 2024 09:18:51 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dux86gSs' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=74, mss=1232, tbw=70266, tp=66, tpl=0, uplat=76, ullat=0 pragma public x-fb-debug 3OIRov6JrckkR8F5DZl8ScRz2eMbgAqVOiNdAE93qi1B8kaiaPuwV87H5tn88IXwMyKgMdqpfvbnz1onlTG3fA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	/ www.facebook.com/tr/	0 273 B	27ms 9ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2036939646567090&ev=PageView&dl=https%3A%2F%2Fwww.aon.com&rl=&if=false&ts=1730625531313&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1730625531312.30078695267527251&pm=1&hrl=abe1a1&ler=empty&cdl=API_unavailable&it=1730625531217&coo=false&cs_cc=1&cas=6156849821105349&rqm=GET Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2889, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sun, 03 Nov 2024 09:18:51 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	144ms 126ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2036939646567090&ev=PageView&dl=https%3A%2F%2Fwww.aon.com&rl=&if=false&ts=1730625531313&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1730625531312.30078695267527251&pm=1&hrl=abe1a1&ler=empty&cdl=API_unavailable&it=1730625531217&coo=false&cs_cc=1&cas=6156849821105349&rqm=FGET Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432980059067191983"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 03 Nov 2024 09:18:51 GMT content-type image/png vary Accept-Encoding x-fb-debug FXD+HiSK4rG3lPZ10ah+ORSwgbgs88rE5q5eqDLNduM0b78xoj/dCtwzwHRRpn7jWoy9iT34ZzpjTk+YmHnq8w== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432980059067191983", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=19, mss=1297, tbw=3435, tp=-1, tpl=-1, uplat=115, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ www.facebook.com/tr/	0 102 B	28ms 10ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2036939646567090&ev=JobsPageRTGT&dl=https%3A%2F%2Fwww.aon.com&rl=&if=false&ts=1730625531315&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12316&fbp=fb.1.1730625531312.30078695267527251&pm=1&hrl=afce47&ler=empty&cdl=API_unavailable&it=1730625531217&coo=false&cs_cc=1&rqm=GET Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3289, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sun, 03 Nov 2024 09:18:51 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 848 B	198ms 180ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2036939646567090&ev=JobsPageRTGT&dl=https%3A%2F%2Fwww.aon.com&rl=&if=false&ts=1730625531315&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12316&fbp=fb.1.1730625531312.30078695267527251&pm=1&hrl=afce47&ler=empty&cdl=API_unavailable&it=1730625531217&coo=false&cs_cc=1&rqm=FGET Requested by Host: www.aon.com URL: https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432980058891144315"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 03 Nov 2024 09:18:51 GMT content-type image/png vary Accept-Encoding x-fb-debug BJKkQnS+xbqHahVFvlKg6tKbC421Uenhw+pmhBHEEr9jQx/GsSCsHbJTZIfqFFMSmU/i08nnqAdRTdS+/HT3jQ== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432980058891144315", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=12, rtx=0, c=19, mss=1297, tbw=6247, tp=-1, tpl=-1, uplat=170, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	favicon-16x16.png www.aon.com/cyber-solutions/wp-content/uploads/	814 B 1 KB	93ms 92ms	Other image/png	2606:4700:4400::ac40:95e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aon.com/cyber-solutions/wp-content/uploads/favicon-16x16.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:4400::ac40:95e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 179ae3a0f662898ad9fff4e74d5678592c7a46a2b8b59f53f5bac5fcfbeaad7d Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/cyber-solutions/aon_cyber_labs/dissection-of-makop-ransomware-group/ Response headers cf-cache-status DYNAMIC etag "5bc4a3d5-32e" age 169825 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PGmGOgYQWg7Y8XoEv%2FrOfxWdkpRJh4YgrZpvdCjgsYcKDBFCioidL5GgFcxK9tIpJM9tbbVko5Uy8SiFe3fKmk5t5lXhTD8ciES%2BWKKWd%2FoFL8fvQda1cIcqjCvHe9vc%2Fs2nedFd7gzqc0s%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 31 Dec 2037 23:55:55 GMT x-cache CONFIG_NOCACHE date Sun, 03 Nov 2024 09:18:51 GMT content-type image/png ki-cf-cache-status HIT vary Accept-Encoding ki-origin g1p ki-cache-tag 12c2b500-a786-41fa-ba47-fb2406ca9f35,905116c7626a9e3fbb3ac2c5b12cc9e8726581b2d9a6513ed2f29e7d69974ff6 last-modified Mon, 15 Oct 2018 14:27:33 GMT strict-transport-security max-age=15552000; preload cache-control public, max-age=31536000, s-maxage=2592000 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-edge-location-klb 1 cf-ray 8dcb478419c46997-FRA accept-ranges bytes access-control-allow-origin * content-length 814 x-azure-ref 20241103T091851Z-176c968bf9bf2vn207w3s18t9000000006f00000000035ud ki-cache-type CDN ki-edge v=20.2.8;mv=3.1.4 server cloudflare
GET H3	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/58/11a/	267 KB 56 KB	26ms 25ms	Script text/javascript	172.217.18.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/58/11a/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyDimZKz6nz_uv5lJrzGrl_bTTq3sxDi-NI&language=en&ver=6.4.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f10.1e100.net Software sffe / Resource Hash 87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br age 55345 report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} x-content-type-options nosniff expires Sun, 02 Nov 2025 17:56:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 17:56:29 GMT last-modified Tue, 29 Oct 2024 22:44:00 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="maps-api-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js accept-ranges bytes content-length 56823 x-xss-protection 0 server sffe
GET H3	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/58/11a/	191 KB 58 KB	25ms 25ms	Script text/javascript	172.217.18.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/58/11a/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyDimZKz6nz_uv5lJrzGrl_bTTq3sxDi-NI&language=en&ver=6.4.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f10.1e100.net Software sffe / Resource Hash bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.aon.com/ Response headers content-encoding br age 53934 report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} x-content-type-options nosniff expires Sun, 02 Nov 2025 18:20:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 18:20:00 GMT last-modified Tue, 29 Oct 2024 22:44:00 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="maps-api-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js accept-ranges bytes content-length 59447 x-xss-protection 0 server sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.aon.com

URL

blob:https://www.aon.com/1699125c-b175-43d4-b277-8a23037cca45

Domain

t.co

URL

https://t.co/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=a20b74d4-0fe2-44bf-bb41-32da65122a76&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=00381688-f277-44a9-8576-5c33bc13497a&tw_document_href=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1t92&type=javascript&version=2.3.31

Domain

analytics.twitter.com

URL

https://analytics.twitter.com/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=a20b74d4-0fe2-44bf-bb41-32da65122a76&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=00381688-f277-44a9-8576-5c33bc13497a&tw_document_href=https%3A%2F%2Fwww.aon.com%2Fcyber-solutions%2Faon_cyber_labs%2Fdissection-of-makop-ransomware-group%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1t92&type=javascript&version=2.3.31