www.csoonline.com Open in urlscan Pro
151.101.194.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Submission: On June 06 via api (June 6th 2023, 2:10:50 am UTC) from TR — Scanned from DE

Summary HTTP 228 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 41 domains to perform 228 HTTP transactions. The main IP is 151.101.194.165, located in United States and belongs to FASTLY, US. The main domain is www.csoonline.com. The Cisco Umbrella rank of the primary domain is 173040.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on March 1st 2023. Valid for: a year.

This is the only time www.csoonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	151.101.194.165 151.101.194.165	54113 (FASTLY) (FASTLY)
1	2600:9000:20c... 2600:9000:20c3:c200:17:5578:e080:21	16509 (AMAZON-02) (AMAZON-02)
13	99.84.88.27 99.84.88.27	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.40 99.84.88.40	16509 (AMAZON-02) (AMAZON-02)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.32.185.42 23.32.185.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:225e:b000:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:2b3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.84.88.94 99.84.88.94	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
7	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	23.21.213.43 23.21.213.43	14618 (AMAZON-AES) (AMAZON-AES)
10	52.209.97.79 52.209.97.79	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.28 108.138.36.28	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:d12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	108.138.36.58 108.138.36.58	16509 (AMAZON-02) (AMAZON-02)
2	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:e00:f:1dcc:7540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
45	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3 12	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3	3.64.171.66 3.64.171.66	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	3.66.125.92 3.66.125.92	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a05:d018:d29... 2a05:d018:d29:3601:78d2:f403:256d:1a22	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
228	45

68 151.101.194.165 (United States)

ASN54113 (FASTLY, US)

www.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alt.idgesg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idge.staticworld.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.techhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.idgesg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.staticworld.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:c200:17:5578:e080:21 (United States)

ASN16509 (AMAZON-02, US)

d2zv5rkii46miq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.84.88.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-27.muc50.r.cloudfront.net

cmpv2.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-40.muc50.r.cloudfront.net

ccpa.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-42.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:b000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2b3c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.subscribers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-94.muc50.r.cloudfront.net

cmp.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.21.213.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-213-43.compute-1.amazonaws.com

ccpa-service.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.209.97.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-28.muc50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-58.muc50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:e00:f:1dcc:7540:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.171.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.66.125.92 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-125-92.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:78d2:f403:256d:1a22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	csoonline.com www.csoonline.com — Cisco Umbrella Rank: 173040 cmpv2.csoonline.com — Cisco Umbrella Rank: 505275 cmp.csoonline.com — Cisco Umbrella Rank: 751129	489 KB
45	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 675	9 KB
17	3lift.com 3 redirects ib.3lift.com — Cisco Umbrella Rank: 1478 eb2.3lift.com — Cisco Umbrella Rank: 402 tlx.3lift.com — Cisco Umbrella Rank: 592	68 KB
10	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1255	6 KB
9	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2723 api.permutive.com — Cisco Umbrella Rank: 2038	185 KB
9	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	153 KB
8	staticworld.net idge.staticworld.net — Cisco Umbrella Rank: 179227 pixel.staticworld.net — Cisco Umbrella Rank: 245168	11 KB
7	google.com cse.google.com — Cisco Umbrella Rank: 3467 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 555 ampcid.google.com — Cisco Umbrella Rank: 2277	202 KB
5	idgesg.net alt.idgesg.net — Cisco Umbrella Rank: 104991 images.idgesg.net — Cisco Umbrella Rank: 138615	24 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 545 p.typekit.net — Cisco Umbrella Rank: 711	72 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 523	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	22 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	4 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	264 KB
3	subscribers.com cdn.subscribers.com — Cisco Umbrella Rank: 26826	146 KB
3	sp-prod.net ccpa.sp-prod.net — Cisco Umbrella Rank: 13984 ccpa-service.sp-prod.net — Cisco Umbrella Rank: 32448	20 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 598	1 KB
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 597 as-sec.casalemedia.com — Cisco Umbrella Rank: 2002	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
2	dwin2.com www.dwin2.com — Cisco Umbrella Rank: 23267	136 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 543 s-jsonp.moatads.com — Cisco Umbrella Rank: 17027	55 KB
2	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3284	18 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	655 B
2	techhive.com images.techhive.com — Cisco Umbrella Rank: 264741	54 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1121	90 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 556	301 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452	426 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 238	669 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 382	647 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1068	254 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 56497	323 B
1	soundcloud.com w.soundcloud.com — Cisco Umbrella Rank: 20468	6 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2439	138 B
1	prmutv.co f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co — Cisco Umbrella Rank: 128720	395 B
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2850	44 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3731	156 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 680	39 KB
1	cloudfront.net d2zv5rkii46miq.cloudfront.net	2 KB
228	41

	Domain	Requested by
53	www.csoonline.com	www.csoonline.com
45	analytics.twitter.com	www.csoonline.com
13	cmpv2.csoonline.com	www.csoonline.com cmpv2.csoonline.com
12	eb2.3lift.com	3 redirects ib.3lift.com eb2.3lift.com
10	jadserve.postrelease.com	s.ntv.io www.csoonline.com
7	api.permutive.com	cdn.permutive.com
7	idge.staticworld.net	www.csoonline.com
6	cm.g.doubleclick.net	5 redirects eb2.3lift.com
4	fastlane.rubiconproject.com	js-sec.indexww.com
4	ib.adnxs.com	2 redirects cdn.permutive.com js-sec.indexww.com
4	alt.idgesg.net	www.csoonline.com
4	use.typekit.net	www.csoonline.com use.typekit.net
3	x.bidswitch.net	3 redirects
3	tlx.3lift.com	ib.3lift.com js-sec.indexww.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.com	cse.google.com
3	www.googletagmanager.com	www.csoonline.com www.googletagmanager.com
3	securepubads.g.doubleclick.net	www.csoonline.com securepubads.g.doubleclick.net
3	cdn.subscribers.com	www.csoonline.com cdn.subscribers.com
2	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	fonts.googleapis.com	client
2	www.dwin2.com	www.googletagmanager.com www.dwin2.com
2	ib.3lift.com	www.csoonline.com ib.3lift.com
2	cdn.brandmetrics.com	www.csoonline.com cdn.brandmetrics.com
2	ccpa-service.sp-prod.net	ccpa.sp-prod.net
2	sb.scorecardresearch.com	www.csoonline.com
2	match.adsrvr.org	js-sec.indexww.com eb2.3lift.com
2	cse.google.com	www.csoonline.com www.google.com
2	cdn.permutive.com	www.csoonline.com cdn.permutive.com
2	cmp.csoonline.com	ccpa.sp-prod.net
2	images.techhive.com	www.csoonline.com
2	use.fontawesome.com	www.csoonline.com use.fontawesome.com
1	b1sync.zemanta.com	1 redirects
1	pr-bh.ybp.yahoo.com	eb2.3lift.com
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	pixel.staticworld.net	www.csoonline.com
1	s-jsonp.moatads.com	www.csoonline.com
1	ampcid.google.de	www.google-analytics.com
1	images.idgesg.net	www.csoonline.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	clients1.google.com	www.csoonline.com
1	z.moatads.com	s.ntv.io
1	w.soundcloud.com	www.googletagmanager.com
1	api.ipify.org	www.csoonline.com
1	f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co	cdn.permutive.com
1	p.typekit.net	use.typekit.net
1	cdn.jwplayer.com	www.csoonline.com
1	s.ntv.io	www.csoonline.com
1	js-sec.indexww.com	www.csoonline.com
1	ccpa.sp-prod.net	www.csoonline.com
1	d2zv5rkii46miq.cloudfront.net	www.csoonline.com
228	57

This site contains links to these domains. Also see Links.

Domain
foundryco.com
www.linkedin.com
twitter.com
www.facebook.com
reddit.com
www.flickr.com
creativecommons.org
www.cisa.gov
www.mandiant.com
www.rapid7.com
community.progress.com
www.cio.com
www.computerworld.com
www.infoworld.com
www.networkworld.com
subscribers.com

Subject Issuer	Validity	Valid
*.cfoworld.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-01` - `2024-04-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cmp2.channelpartner.de R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh
*.sp-prod.net Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-03-01` - `2023-12-25`	10 months	crt.sh
cmp.infoworld.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.prmutv.co R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2023-01-24` - `2024-02-25`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
www.dwin2.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-11`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Frame ID: 2FC250A1A0B05A6362565D23ED467258
Requests: 205 HTTP requests in this frame

Frame: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
Frame ID: AE077B6A45BE36B4AC600AECB1F37416
Requests: 7 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=tan_CSOOnline_MOAP&referrer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&rev=e340837&fe=0&ft=0&cb=6761870472&gdpr=undefined
Frame ID: A4CF64D0D27FD8139C1A9F2D27BC17DC
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Frame ID: 481E24F9FA82ABA64A1FCE337640B01E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data | CSO Onlinesearch

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

228
Requests

96 %
HTTPS

43 %
IPv6

41
Domains

57
Subdomains

45
IPs

6
Countries

2311 kB
Transfer

7153 kB
Size

52
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://foundryco.com/our-brands/cso/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://foundryco.com/work-here/
Title: Foundry Careers

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/csoonline

Search URL Search Domain Scan URL

URL: https://twitter.com/csoonline

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CSOonline

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&via=csoonline&text=Clop+ransomware+gang+exploits+the+MOVEit+Transfer+vulnerability+to+steal+data

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&title=Clop+ransomware+gang+exploits+the+MOVEit+Transfer+vulnerability+to+steal+data

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&title=Clop+ransomware+gang+exploits+the+MOVEit+Transfer+vulnerability+to+steal+data

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/christiaancolen/20013034943
Title: Christiaan Colen

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-sa/2.0/legalcode
Title: (CC BY-SA 2.0)

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1665537730946670595
Title: said on Twitter

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-055a
Title: a zero-day flaw

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/zero-day-moveit-data-theft
Title: reported

Search URL Search Domain Scan URL

URL: https://www.rapid7.com/blog/post/2023/06/01/rapid7-observed-exploitation-of-critical-moveit-transfer-vulnerability/
Title: an updated analysis

Search URL Search Domain Scan URL

URL: https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023
Title: deploy the available patch

Search URL Search Domain Scan URL

URL: https://twitter.com/lconstantin

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/lconstantin

Search URL Search Domain Scan URL

URL: https://foundryco.com/

Search URL Search Domain Scan URL

URL: https://www.cio.com/
Title: CIO

Search URL Search Domain Scan URL

URL: https://www.computerworld.com/
Title: Computerworld

Search URL Search Domain Scan URL

URL: https://www.infoworld.com/
Title: InfoWorld

Search URL Search Domain Scan URL

URL: https://www.networkworld.com/
Title: Network World

Search URL Search Domain Scan URL

URL: https://subscribers.com/?utm_source=subscribers-permission-prompt
Title: subscribers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 211

https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015 HTTP 302
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1

Request Chain 213

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D&google_tc= HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM539PYBfkB4xEpgcq-NUok&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 215

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D&google_tc=

Request Chain 217

https://x.bidswitch.net/sync?ssp=triplelift&user_id=2253283304285969546584&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2253283304285969546584&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=6563765117290612931&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=2aea1251-450d-4293-aac8-226468a7fb61&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 220

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

Request Chain 221

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=3259255090954900982&dongle=4d58&gdpr=0&gdpr_consent=

228 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html Show response
www.csoonline.com/article/3698512/ 152 KB
43 KB 144ms
17ms Document
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

fdd0e4ceb7816d534c20254bb2e4fce09f6b0407b940487a34cae4b087f1c5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15730
content-encoding: gzip
content-length: 43401
content-type: text/html;charset=UTF-8
date: Tue, 06 Jun 2023 02:10:44 GMT
server: Apache-Coyote/1.1
strict-transport-security: max-age=300
vary: Accept-Encoding,Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT, HIT, HIT
x-cache-hits: 89, 89, 1, 1
x-frame-options: deny
x-served-by: cache-sjc10073-SJC, cache-sjc10073-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
x-timer: S1686017444.062638,VS0,VE10
x-vcl-version: 86
x-via-fastly: Verdad

GET
H2 200 jquery-1.10.2.min.js Show response
www.csoonline.com/www/js/jquery/ 91 KB
32 KB 13ms
9ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

b52e06f854795718703ef9723b47a9a23edcbe2ae53ff261926d8d6059056cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 79, 79, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 590985
x-cache: HIT, HIT, HIT, HIT
content-length: 32794
x-via-fastly: Verdad
x-served-by: cache-sjc10068-SJC, cache-sjc10068-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:30 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.091222,VS0,VE1
etag: W/"93639-1684957170000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 16:00:59 GMT

GET
H2 200 jquery_cookie.js Show response
www.csoonline.com/www/js/jquery/ 2 KB
1 KB 25ms
19ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/jquery/jquery_cookie.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

02d2940a00290f3a9e4955de7821626688c0cacde8c97c762838e6b40ab22926

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 106, 106, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 74784
x-cache: HIT, HIT, HIT, HIT
content-length: 908
x-via-fastly: Verdad
x-served-by: cache-sjc10044-SJC, cache-sjc10044-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:36 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095328,VS0,VE1
etag: W/"1946-1684957176000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Sun, 04 Jun 2023 17:10:51 GMT

GET
H2 200 apollo-locales.js Show response
www.csoonline.com/www/js/ 5 KB
2 KB 25ms
20ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/apollo-locales.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

6467b42b646c644d356adf8dc595da52488b944fb5a0b2a7cb14aee4ad66ef19

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 126, 126, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 1735
x-via-fastly: Verdad
x-served-by: cache-sjc10063-SJC, cache-sjc10063-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:48:10 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095615,VS0,VE1
etag: W/"4845-1685990890000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:38 GMT

GET
H2 200 cmp_shim.js Show response
d2zv5rkii46miq.cloudfront.net/0/latest/ 4 KB
2 KB 43ms
8ms Script
application/javascript 2600:9000:20c3:c200:17:5578:e080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zv5rkii46miq.cloudfront.net/0/latest/cmp_shim.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:c200:17:5578:e080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:09:16 GMT
content-encoding: gzip
via: 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 21:38:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 250
etag: "1de86d90311bcd5ee000f2f732b294a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1698
x-amz-cf-id: IYlD78Kc9wuzWG4Rxzql23K3pjutMD0By_jp_1LSANt0pHMx3DZFdw==

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmpv2.csoonline.com/ 165 KB
44 KB 160ms
8ms Script
text/javascript 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/wrapperMessagingWithoutDetection.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85984ed98244e5e42022ad4c2a0a8908f6ea41a9c43b912821b6a295cba2ea49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
date: Tue, 06 Jun 2023 02:09:49 GMT
last-modified: Wed, 17 May 2023 15:06:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 84
x-amz-server-side-encryption: AES256
etag: W/"7281b172d3ea01bf02b7f54d4a18188d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: uEyU5Izt-5uq-v1RxhyxmlIGA-DvJ0Y8p_BzgEcSZXJ1xWmr9v7Rlw==

GET
H2 200 ccpa.js Show response
ccpa.sp-prod.net/ 55 KB
19 KB 41ms
7ms Script
application/javascript 99.84.88.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa.sp-prod.net/ccpa.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-40.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc630eae66d14c714e935e9686b763aab14adc301890a57262408ee4bd401978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:20:24 GMT
content-encoding: gzip
via: 1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:12:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 3021
etag: W/"03d1c1f6642064c8fc51daa6d457d3dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: aN9sFSJ5QXKmx4gkyWVGHXKbWG6t6_1EtZ0NZUpmCuvjgejwRkcg2g==

GET
H2 200 init_device.js Show response
www.csoonline.com/www/js/ 585 B
543 B 24ms
19ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/init_device.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

4f4ed0e81c2f0016d06ae816dd872edc04e97612c9d36f2f3f4475f2954e7fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 44, 44, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 453476
x-cache: HIT, HIT, HIT, HIT
content-length: 304
x-via-fastly: Verdad
x-served-by: cache-sjc10073-SJC, cache-sjc10073-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:28 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095319,VS0,VE1
etag: W/"585-1684957168000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Wed, 07 Jun 2023 06:12:08 GMT

GET
H2 200 183980-47728333013839.js Show response
js-sec.indexww.com/ht/p/ 136 KB
39 KB 58ms
20ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c383325844c6616d85a4a44e0a85429ba586eecf8c807bfc06368ceb30ef09e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 02:00:58 GMT
server: cloudflare
age: 396
etag: W/"763abf-220f6-5fd6c63f1668b"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7d2d1ee378ec1941-FRA
expires: Tue, 06 Jun 2023 06:10:44 GMT

GET
H2 200 gpt_includes.js Show response
www.csoonline.com/www/js/ads/ 19 KB
6 KB 27ms
22ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/ads/gpt_includes.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

dcb3e51a64f948ed5302183e2a8e5ecf9e84f8e86e8cd40fc5d18485fbb2c074

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 72, 72, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25584
x-cache: HIT, HIT, HIT, HIT
content-length: 5283
x-via-fastly: Verdad
x-served-by: cache-sjc10070-SJC, cache-sjc10070-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:47:58 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.098295,VS0,VE1
etag: W/"19501-1685990878000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:04:19 GMT

GET
H2 200 thm_pre.js Show response
www.csoonline.com/www.idge/js/ 24 KB
5 KB 26ms
22ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/thm_pre.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

71a9f7971618b14dc4014c55de13c36da054db21b986c50a6d112eaf9e366418

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 118, 118, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25625
x-cache: HIT, HIT, HIT, HIT
content-length: 5227
x-via-fastly: Verdad
x-served-by: cache-sjc10051-SJC, cache-sjc10051-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:06 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.098053,VS0,VE1
etag: W/"24746-1685990586000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:03:39 GMT

GET
H2 200 gpt_starter.js Show response
www.csoonline.com/www/js/ads/ 330 B
477 B 25ms
20ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/ads/gpt_starter.js?1234

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

ad20d2d42fcbd58ad9c50a6e53db21bf4425be6f8237a41f109c2717c30b4067

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 304, 304, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 67489
x-cache: HIT, HIT, HIT, HIT
content-length: 238
x-via-fastly: Verdad
x-served-by: cache-sjc10033-SJC, cache-sjc10033-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:14 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.098042,VS0,VE1
etag: W/"330-1684957154000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 06:49:40 GMT

GET
H2 200 gpt_launcher.js Show response
www.csoonline.com/www/js/ads/ 593 B
540 B 25ms
21ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/ads/gpt_launcher.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

06c72ef9353a39000f14acb8c982d9241484108af590496e9594f217c6802bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 130, 130, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25721
x-cache: HIT, HIT, HIT, HIT
content-length: 306
x-via-fastly: Verdad
x-served-by: cache-sjc10040-SJC, cache-sjc10040-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:47:58 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.098032,VS0,VE1
etag: W/"593-1685990878000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:02:02 GMT

GET
H2 200 article.css
www.csoonline.com/www/css/ 235 KB
34 KB 19ms
15ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/css/article.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

11cee06f13221dea8fa5ddb99d54510eb7831fd51aa6f8610820c5a471af58a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 150, 150, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25625
x-cache: HIT, HIT, HIT, HIT
content-length: 34961
x-via-fastly: Verdad
x-served-by: cache-sjc10066-SJC, cache-sjc10066-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:45:46 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.094798,VS0,VE1
etag: W/"240590-1685990746000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:03:39 GMT

GET
H2 200 article.css
www.csoonline.com/www.idge.cso/css/ 88 KB
13 KB 17ms
14ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge.cso/css/article.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

049a68941716e853aefd214e9fd02b920da3e890278b507323fe50933d3d19d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 148, 148, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 13187
x-via-fastly: Verdad
x-served-by: cache-sjc10028-SJC, cache-sjc10028-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:35:06 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095387,VS0,VE1
etag: W/"45297-1684956906000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:38 GMT

GET
H2 200 ss-social.css
www.csoonline.com/www.idge/css/webfonts/ 3 KB
1 KB 21ms
17ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/webfonts/ss-social.css

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

c2787f84ac525e6b202f56eb25ef03f40017d11100280dd6f3866cadb4d1f50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 334, 334, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 66331
x-cache: HIT, HIT, HIT, HIT
content-length: 885
x-via-fastly: Verdad
x-served-by: cache-sjc10035-SJC, cache-sjc10035-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:36:34 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095373,VS0,VE1
etag: W/"3417-1684956994000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 07:23:29 GMT

GET
H2 200 ss-standard.css
www.csoonline.com/www.idge/css/webfonts/ 11 KB
3 KB 15ms
12ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/webfonts/ss-standard.css

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

b59054e128a42511aa22399d02cd8365ac1c66a6efe6f4f11cfe1ae16284db0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 201, 201, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 489994
x-cache: HIT, HIT, HIT, HIT
content-length: 2486
x-via-fastly: Verdad
x-served-by: cache-sjc10079-SJC, cache-sjc10079-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:36:34 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095083,VS0,VE1
etag: W/"11639-1684956994000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 20:04:07 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 47ms
15ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Referer: https://www.csoonline.com/
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FYD9KKR124512K43
age: 1743122
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nRq8u9sb4Ro40TtPGcxqzDV/Cb1CMZWNkisUyu1CHjTXlZFRyhRTiixOgo1y1JCD9YKNA+8bRCw=
last-modified: Wed, 30 Jun 2021 15:44:12 GMT
server: cloudflare
etag: W/"b8085bf2c839791244bd95f56fb93c01"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=070S3zFi%2Bi97l6SzvgKPBekrhtm7PWHtjdi9b%2BS%2B5NqUtvnet25CXyCUBN9f2KS7yB8SZzMWtNgKU%2ByvvDCYManwd6oF5XZ2uIjUeVYrEdSi1Ks%2FJP3Fkns8tS1SLB4picMXjI4uJc3qQXhls%2BRvgJXf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7d2d1ee1c99e690a-FRA

GET
H2 200 vjj6ndp.css
use.typekit.net/ 3 KB
1015 B 66ms
11ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vjj6ndp.css

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7b04d6ce2f17eeb96bf52a53711114a4bfef440bcb40927f77d395d549fe53d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686017444121_399430933_76074970_387_353_6_22_255";dur=1
timing-allow-origin: *
content-length: 728

GET
H2 200 ad.js Show response
www.csoonline.com/www/js/ads/ 19 B
432 B 24ms
21ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/ads/ad.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 513, 513, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 482528
x-cache: HIT, HIT, HIT, HIT
content-length: 39
x-via-fastly: Verdad
x-served-by: cache-sjc10082-SJC, cache-sjc10082-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:10 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.098025,VS0,VE1
etag: W/"19-1684957150000"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 22:08:19 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 573 KB
156 KB 56ms
18ms Script
application/x-javascript 23.32.185.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-42.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8431578ff5524fd3641c2f36972e9f9cf81aa80af0944d8842fe226de6f19b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 02:10:44 GMT
Content-Encoding: gzip
x-amz-request-id: NZT84S19T0NB08JH
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: AAoQTwQd1o5p4GNqr0kDLFY2Ndlbf40O0nT7GDukmENxSkscjKVaeywGymrMNkKLJ0Cujz5xIQc=
Last-Modified: Thu, 25 May 2023 16:25:43 GMT
Server: AmazonS3
ETag: "b32d9e6fde89581e6a5f9cfed0e06525"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 8yHZorDV.js Show response
cdn.jwplayer.com/libraries/ 117 KB
44 KB 41ms
8ms Script
text/javascript 2600:9000:225e:b000:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/8yHZorDV.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f29470a00a38e67eebce4034acc0b39bbdb2bb5cde8fa209800f3639c69a4376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:08 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 36
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 44169
x-amz-cf-id: zBzJcM5wwHtwjNvxXEHgqTsUOCK7ga_2V9ZdZAGh6Hbyz7PyfZJx0Q==

GET
H2 200 oc-header.css
www.csoonline.com/www/css/ 37 KB
8 KB 16ms
13ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/css/oc-header.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

db29aa88ea3a11062a7dc45fcc65be9b8dc3fff9c849078dd6809d35974e86ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 137, 137, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 7371
x-via-fastly: Verdad
x-served-by: cache-sjc10058-SJC, cache-sjc10058-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:45:50 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095042,VS0,VE1
etag: W/"38076-1685990750000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:38 GMT

GET
H2 200 oc-header.css
www.csoonline.com/www.idge.cso/css/ 6 KB
2 KB 21ms
18ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge.cso/css/oc-header.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

fbbbac05b654e9de243f6e42f41efa36522598661a05b5d84b7614d7effba3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 252, 252, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 1853
x-via-fastly: Verdad
x-served-by: cache-sjc10039-SJC, cache-sjc10039-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:58 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.095697,VS0,VE1
etag: W/"6391-1685990638000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:38 GMT

GET
H2 200 cso-white-logo.svg
alt.idgesg.net/images/furniture/cso/ 2 KB
2 KB 180ms
8ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alt.idgesg.net/images/furniture/cso/cso-white-logo.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66ea0c6fa4034dbeae9784e34b02aeb748608ba8c2576e1b08fabd965712ad99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: GZEJ2MIi53tqEbsMuE.llWrHu..L1aXm
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: MP3ZW91HCHG058GS
age: 3061
x-amz-meta-origin-date-iso8601: 2022-04-05T15:18:30.000Z
x-cache: HIT
content-length: 2054
x-amz-id-2: M3CkhfWf+kItLMxwsJxkNcmyi2OTHGmyb9sSJ5cKTDlf3tliSYO88/VX1+znAjsFq9/W6ZhR/n0=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 06 Apr 2022 16:02:41 GMT
server: AmazonS3
x-timer: S1686017445.526856,VS0,VE1
etag: "2bc94f3caad9407062b8845e0c42e913"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 content-ribbon.css
www.csoonline.com/www/css/ 2 KB
710 B 158ms
158ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/css/content-ribbon.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

fd66d8dc41c06a99c3877934b3af8d38de72f3a94db252c0b9474bec35014491

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 120, 120, 0, 0
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, MISS, MISS
content-length: 522
x-via-fastly: Verdad
x-served-by: cache-sjc10070-SJC, cache-sjc10070-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:45:46 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.155774,VS0,VE149
etag: W/"1829-1685990746000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:38 GMT

GET
H2 200 date-time-moments.js Show response
www.csoonline.com/www/js/ 121 KB
32 KB 8ms
8ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/date-time-moments.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

5156e9286b87b1e03f6151c2bb29ad54d2b9da4df874a23c742a0693bdc209a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 12, 12, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 69192
x-cache: HIT, HIT, HIT, HIT
content-length: 32323
x-via-fastly: Verdad
x-served-by: cache-sjc10024-SJC, cache-sjc10024-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:26 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.256869,VS0,VE1
etag: W/"123832-1684957166000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 06:24:37 GMT

GET
H2 200 facebook.svg
idge.staticworld.net/images/ 817 B
1 KB 183ms
10ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/images/facebook.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 676aa6d4090a54ea6893484095f55c80659fb8538db100cdb8ce1dc82bab42b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: z0fEqr9qBUOYVzkAEhE7W.44xxx.2BcQ
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: C0J55MW8VWTT6B8P
age: 1726
x-cache: HIT
content-length: 817
x-amz-id-2: EAO9pVnFsFK3/lvkHXn1rfgRSb7zCVZzNDEeX1fZl/nf0/nGLKJQjb1/MmsqkkpWidnTcAZZ338=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:10:09 GMT
server: AmazonS3
x-timer: S1686017445.527215,VS0,VE1
etag: "e54119fb283fa31d7980c946d19e701f"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 twitter.svg
idge.staticworld.net/images/ 1 KB
1 KB 184ms
11ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/images/twitter.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 464e7cde418a559c5035942d1ab154d5d906f378f256a0dd39848d197df6180d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: mIV1aQJqOkkgyHLgPXYdWBvfLAAcgw1y
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: PMC6XXSTEJARFCKR
age: 871
x-cache: HIT
content-length: 1128
x-amz-id-2: FoGFUzE51SnsjRqX+wCsaDNKVtUl49fPwhqz+aXy5Xi2n3V4nJF6alt23B7wOFaHcg45QrlL6JQ=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:10:11 GMT
server: AmazonS3
x-timer: S1686017445.527202,VS0,VE1
etag: "5c2cee17abf8296b156fa142e69516df"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 linkedin.svg
idge.staticworld.net/images/ 786 B
1 KB 182ms
9ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/images/linkedin.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03643efcf63e8fbfe6571cd0f1a4ce49f8575a7bee74f2e9fd7fab344e474e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: dIfJAJb7rR9o.DnrV3iep_mz2NuSUCHZ
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: 1BJF5ENW0F7QHR1E
age: 502
x-cache: HIT
content-length: 786
x-amz-id-2: /ePvPJNfoRUeHsgxrbxyRUvtvWBeBUEghK2u7VC0JgB/4XOv2lA16w7fExRJZMdpRtzsP8KhCq0=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:10:10 GMT
server: AmazonS3
x-timer: S1686017445.527145,VS0,VE1
etag: "b828f13d2d6015e831f675f1ca0c1908"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 reddit.svg
idge.staticworld.net/images/ 2 KB
2 KB 187ms
15ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/images/reddit.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47c749c888c850505d68f2745651928d8aec9a6802d6a8b20869fa114af92277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: X1o6g.mfoioyv5Lswf3F9n.2ID0CCWF9
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: MKS7MGYCWH7TZ8Y4
age: 1525
x-cache: HIT
content-length: 1556
x-amz-id-2: RjLwuDzf7fpx1nsjNOPxcPIeaFARTMRsBzZ3QRmGrdU6QdDJfOyTIxzOdS+4YBNzKQ3NmE38Oqw=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:10:10 GMT
server: AmazonS3
x-timer: S1686017445.527210,VS0,VE7
etag: "8159d85ae759a8d251edb65b4dcd285d"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 mail.svg
idge.staticworld.net/images/ 631 B
908 B 182ms
10ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/images/mail.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83d86c9e7359ed844c0e7682abcd5cdb65222d421c61156f17791ac6c2650274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: W1fLolU3CaghgVscFveqAiphPY036Sqp
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: PJPV350XXNS5211R
age: 3421
x-cache: HIT
content-length: 631
x-amz-id-2: D43Xkr0BJyWRQJPUY4qPiBmMEK8Pt5o+VOxt4p6o17fyeqsJ1kJ9DA5AhS7rxOiTNU2FMmh2V+Y=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:10:10 GMT
server: AmazonS3
x-timer: S1686017445.527240,VS0,VE1
etag: "c8fc97e05e008a042825f64ee7d414d1"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 print.svg
idge.staticworld.net/images/ 782 B
1 KB 183ms
12ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/images/print.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b197985c0bef8bc365381bd16e15dccf184eb33d0abf0afdb4f567da2000fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: .7Gmo7QCRJqJTxCocIfBynAqOGj25mL.
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: 9BXF6C5CVB3FS6YJ
age: 871
x-cache: HIT
content-length: 782
x-amz-id-2: qYo5RPtsQF1R+Zf+2+4gB9RkAxYHPuaIW/hrEv1SCZJVPdOYqQx1V2TQfgpNDz19muY6pL1HIDE=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:10:10 GMT
server: AmazonS3
x-timer: S1686017445.528022,VS0,VE1
etag: "a9f65e3b5eddc5c537118a146a3333c7"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lucian_constantin-100258922-byline.jpg
images.techhive.com/images/article/2014/04/ 2 KB
2 KB 294ms
12ms Image
image/webp 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.techhive.com/images/article/2014/04/lucian_constantin-100258922-byline.jpg?auto=webp&quality=85,70
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5d492c511f48abbfa3e77559fd35575dbede797bd4777d28acea42e728d569b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: X8COOW6fHUBzDvpqxwCJGCZv8g_D7Gi8
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: 4RDYW2T0PT5839AC
age: 414
x-cache: HIT
fastly-io-info: ifsz=5516 idim=116x116 ifmt=jpeg ofsz=2206 odim=116x116 ofmt=webp
fastly-stats: io=1
content-length: 2206
x-amz-id-2: 4J6N0UctPPp1fAVGx+/AE5fc95z4Y/mx8JLI3a0eJ9ZJ5SPk2rFyUmlYrO/2PHQocMn3ricBmio=
x-served-by: cache-fra-eddf8230089-FRA
server: AmazonS3
x-timer: S1686017445.703054,VS0,VE2
etag: "IKKIXK/X3BUMW6xHcongSAqIhrJ5Qyr8VgLpvAnVHf8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 stickyLb.js Show response
www.csoonline.com/www/js/ads/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/ads/stickyLb.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

f6bbd3540733be952a2921b2e4716d3b5190d5897510efcf9baa09649a1eaedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 273, 273, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 31231
x-cache: HIT, HIT, HIT, HIT
content-length: 1257
x-via-fastly: Verdad
x-served-by: cache-sjc10028-SJC, cache-sjc10028-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:16 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.314603,VS0,VE1
etag: W/"3657-1684957156000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:37:11 GMT

GET
H2 200 8_code_driven_security-100717129-large.jpg
images.techhive.com/images/article/2017/04/ 51 KB
52 KB 293ms
11ms Image
image/webp 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.techhive.com/images/article/2017/04/8_code_driven_security-100717129-large.jpg?auto=webp&quality=85,70
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97a17322c28c2600d3664fac2d00475ab44467fc9ee9326cea3bba7ea5f7a1b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 06u3DGtZ0R2LhjQERHOXqDwcIbKL_ZXB
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: SDQ9RGME7ZQ4YG6B
age: 414
x-amz-meta-origin-date-iso8601: 2018-03-13T23:03:57.000Z
x-cache: HIT
fastly-io-info: ifsz=92594 idim=700x525 ifmt=jpeg ofsz=52584 odim=700x525 ofmt=webp
fastly-stats: io=1
content-length: 52584
x-amz-id-2: 7pUzS208gKssYoUe24kykY+LbZbsXabSKUTI2yQ17WcFA+Tg8tIBluSh8u607NKDm8vD6Evqp9w=
x-served-by: cache-fra-eddf8230089-FRA
server: AmazonS3
x-timer: S1686017445.702982,VS0,VE1
etag: "66gpJ1SVMqzmv5iygpnIGqxamaAp4UTB75oI7mrMA/Y"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 deal-modules.js Show response
www.csoonline.com/www/js/ 783 B
577 B 8ms
7ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/deal-modules.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

cdf2700459ab474c9e19ccf7a3b9c6044a6cf2f2ff7bb0e1ab7bde2304409c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 319, 319, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 49535
x-cache: HIT, HIT, HIT, HIT
content-length: 345
x-via-fastly: Verdad
x-served-by: cache-sjc10065-SJC, cache-sjc10065-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:26 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.323822,VS0,VE1
etag: W/"783-1684957166000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 04:38:42 GMT

GET
H2 200 embedder-jwp.js Show response
www.csoonline.com/www/js/video/ 2 KB
862 B 8ms
8ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/video/embedder-jwp.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

f0b97fc49950832323730d508911fa12bd098eca0670ccb3a18ada5af3a34699

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 38, 38, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 640
x-via-fastly: Verdad
x-served-by: cache-sjc10032-SJC, cache-sjc10032-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:48:34 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.333521,VS0,VE1
etag: W/"1760-1685990914000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:39 GMT

GET
H2 200 jquery.lazyload-ad.js Show response
www.csoonline.com/www/js/ads/ 10 KB
3 KB 8ms
8ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/ads/jquery.lazyload-ad.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

4e6b5fc328bac95eec2e30afa8a58224c9accc6d70daf0e864d75c4c6d07fe94

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 328, 328, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 552328
x-cache: HIT, HIT, HIT, HIT
content-length: 3069
x-via-fastly: Verdad
x-served-by: cache-sjc10074-SJC, cache-sjc10074-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:16 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.335188,VS0,VE1
etag: W/"9912-1684957156000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 02:43:52 GMT

GET
H2 200 tso-links.css
www.csoonline.com/www.idgcsmb/css/ 991 B
702 B 13ms
7ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idgcsmb/css/tso-links.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

b42412a0e2fd452601f89dc9119e8dc4c563d204e6a54ba2f91e7c046f9de3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 236, 236, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 473
x-via-fastly: Verdad
x-served-by: cache-sjc10063-SJC, cache-sjc10063-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:36 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.356661,VS0,VE1
etag: W/"991-1685990616000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:39 GMT

GET
H2 200 foot.css
www.csoonline.com/www.idge/css/ 9 KB
2 KB 15ms
8ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/foot.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

a95ff5717cbb58f3acad7822a2413f4fac3d5c0fa1782f877067bb68e850c823

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 7, 7, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25625
x-cache: HIT, HIT, HIT, HIT
content-length: 2011
x-via-fastly: Verdad
x-served-by: cache-sjc10044-SJC, cache-sjc10044-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:45:12 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.358436,VS0,VE1
etag: W/"8884-1685990712000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:03:39 GMT

GET
H2 200 foot.css
www.csoonline.com/www.idge.cso/css/ 2 KB
988 B 19ms
12ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge.cso/css/foot.css?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

227c7b295dd2359a1a3db3c8458f2081704b18e41be7da8076f04262ba3bcc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 14, 14, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25746
x-cache: HIT, HIT, HIT, HIT
content-length: 630
x-via-fastly: Verdad
x-served-by: cache-sjc10071-SJC, cache-sjc10071-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:54 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.359450,VS0,VE1
etag: W/"2036-1685990634000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:39 GMT

GET
H2 200 foundry-logo-white.svg
alt.idgesg.net/images/furniture/foundry/ 3 KB
4 KB 115ms
13ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alt.idgesg.net/images/furniture/foundry/foundry-logo-white.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c8d2ebc94fc9fbb0ce45ce5086f3c3cf15f50104ffc4b3fc027a216cf9e237e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: S3QXKcoGVP4aVsQzzhiotd3C3Yo_AbxD
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: VEWMAG6DRDAGSVJC
age: 1213
x-amz-meta-origin-date-iso8601: 2022-03-15T13:15:10.000Z
x-cache: HIT
content-length: 3538
x-amz-id-2: SIv344pQ9uBbNQ6NKAalCYxlNHkU9pAIrc+/DeQSK8Q0Zt/NbGm/K2Tl+yLpKC/HUwoURtrmDoU=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 05 Apr 2022 18:13:11 GMT
server: AmazonS3
x-timer: S1686017445.526919,VS0,VE5
etag: "5828e43a67d1f51b7258fd4c3a749543"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery-ui.js Show response
www.csoonline.com/www/js/jquery/ 292 KB
70 KB 20ms
14ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/jquery/jquery-ui.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

66b5ca68288cc2506f1c5709fe38cebccca428406a7ce96e392718203666d503

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 19, 19, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 516158
x-cache: HIT, HIT, HIT, HIT
content-length: 71002
x-via-fastly: Verdad
x-served-by: cache-sjc10055-SJC, cache-sjc10055-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:32 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.359186,VS0,VE1
etag: W/"299210-1684957172000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 12:44:39 GMT

GET
H2 200 jquery.dfp.min.js Show response
www.csoonline.com/www/js/jquery/ 4 KB
2 KB 17ms
10ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/jquery/jquery.dfp.min.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

053d5c873a012d89c7a079d097426cfddb18b28494a55c51eff89e0294540dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 329, 329, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 71990
x-cache: HIT, HIT, HIT, HIT
content-length: 1722
x-via-fastly: Verdad
x-served-by: cache-sjc10036-SJC, cache-sjc10036-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:34 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.359222,VS0,VE1
etag: W/"4433-1684957174000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 02:02:42 GMT

GET
H2 200 shortstack_nav.js Show response
www.csoonline.com/www.idge/js/mule/ 2 KB
713 B 16ms
9ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/mule/shortstack_nav.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

fb6b1425ff73fe62d725a3981ac08d9f57e16e14d5ae321c617e21e1d7403d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 116, 116, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 512080
x-cache: HIT, HIT, HIT, HIT
content-length: 480
x-via-fastly: Verdad
x-served-by: cache-sjc10080-SJC, cache-sjc10080-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:38:42 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.358963,VS0,VE1
etag: W/"2129-1684957122000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 13:52:37 GMT

GET
H2 200 tracking.js Show response
www.csoonline.com/www/js/analytics/ 1 KB
934 B 15ms
9ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/analytics/tracking.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

607bfd152e5c762ba0f0502f653c7bbb546ad7955e792a9840d4ae28a8219423

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 5, 5, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 575993
x-cache: HIT, HIT, HIT, HIT
content-length: 538
x-via-fastly: Verdad
x-served-by: cache-sjc10053-SJC, cache-sjc10053-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:22 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.358878,VS0,VE1
etag: W/"1075-1684957162000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:10:51 GMT

GET
H2 200 jquery.colorbox-min.js Show response
www.csoonline.com/www.idge/js/jquery/plugins/ 11 KB
5 KB 16ms
10ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/jquery/plugins/jquery.colorbox-min.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

f370d6bd05df8e6a5b671f06e038c4d85d95dc5446fdeb8f8762e817882a8322

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 73, 73, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 520039
x-cache: HIT, HIT, HIT, HIT
content-length: 4689
x-via-fastly: Verdad
x-served-by: cache-sjc10026-SJC, cache-sjc10026-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:38:38 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.358895,VS0,VE1
etag: W/"11081-1684957118000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 11:43:04 GMT

GET
H2 200 article.js Show response
www.csoonline.com/www.idge/js/ 2 KB
862 B 19ms
13ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/article.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0dbf4106e062b56a7d4db32cb448fad76e1aad0bf204b8569091bdcb5abed21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 24, 24, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 613
x-via-fastly: Verdad
x-served-by: cache-sjc10036-SJC, cache-sjc10036-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:47:18 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.358910,VS0,VE2
etag: W/"1707-1685990838000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:39 GMT

GET
H2 200 responsive-tables.js Show response
www.csoonline.com/www.idge/js/jquery/ 1 KB
881 B 172ms
166ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/jquery/responsive-tables.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

a739dbffc4a907c1f133b4b26e0daf544ea743218bba5704a910313b0ef3ac10

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 1, 1, 0, 0
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 42811
x-cache: HIT, HIT, MISS, MISS
content-length: 541
x-via-fastly: Verdad
x-served-by: cache-sjc10024-SJC, cache-sjc10024-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:38:40 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.359663,VS0,VE157
etag: W/"1363-1684957120000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 14:17:12 GMT

GET
H2 200 jquery.tablesorter.min.js Show response
www.csoonline.com/www.idge/js/jquery/ 16 KB
5 KB 23ms
18ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/jquery/jquery.tablesorter.min.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

55e8d16bb1a291b0524928dd3bd20c191a14d8a947e4b141271f9c595c7bb451

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 10, 10, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 516403
x-cache: HIT, HIT, HIT, HIT
content-length: 4792
x-via-fastly: Verdad
x-served-by: cache-sjc10021-SJC, cache-sjc10021-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:38:38 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.360704,VS0,VE1
etag: W/"16373-1684957118000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 12:43:50 GMT

GET
H2 200 global.js Show response
www.csoonline.com/www.idge/js/ 14 KB
4 KB 23ms
17ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/js/global.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

e0c629f4ece53000517c7077027971a1dea36ec8c9daac30b7655bcbca84b00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 12, 12, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25746
x-cache: HIT, HIT, HIT, HIT
content-length: 4351
x-via-fastly: Verdad
x-served-by: cache-sjc10082-SJC, cache-sjc10082-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:06 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.360629,VS0,VE1
etag: W/"14105-1685990586000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:39 GMT

GET
H2 200 ss-social.js Show response
www.csoonline.com/www/js/webfonts/ 4 KB
2 KB 21ms
16ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/webfonts/ss-social.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

af34f58ea2fc346a5f7028ad8b721a9bb31405cf283471a37dab53bad10a6a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 26, 26, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 583228
x-cache: HIT, HIT, HIT, HIT
content-length: 1766
x-via-fastly: Verdad
x-served-by: cache-sjc10072-SJC, cache-sjc10072-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:52 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.360308,VS0,VE1
etag: W/"3950-1684957192000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 05:48:48 GMT

GET
H2 200 ss-standard.js Show response
www.csoonline.com/www/js/webfonts/ 11 KB
4 KB 23ms
18ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/webfonts/ss-standard.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

bdfe5b167ff906b96e1f8f028ac8f5e41af7a1892d0cc3a275d28057ba79c0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 6, 6, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 506128
x-cache: HIT, HIT, HIT, HIT
content-length: 3898
x-via-fastly: Verdad
x-served-by: cache-sjc10026-SJC, cache-sjc10026-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:54 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.361037,VS0,VE1
etag: W/"10818-1684957194000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 15:33:26 GMT

GET
H2 200 brandAnalytics.js Show response
www.csoonline.com/www/js/analytics/ 2 KB
740 B 22ms
17ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/analytics/brandAnalytics.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

9844fb443bd322af1d908116fa890abdbed6b8b6fe73fba91c9beb8408318aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 35, 35, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 65370
x-cache: HIT, HIT, HIT, HIT
content-length: 491
x-via-fastly: Verdad
x-served-by: cache-sjc10036-SJC, cache-sjc10036-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:39:20 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.360447,VS0,VE1
etag: W/"2516-1684957160000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 05 Jun 2023 07:23:33 GMT

GET
H2 200 locales-editions-slug.js Show response
www.csoonline.com/www/js/ 2 KB
829 B 16ms
11ms Script
application/javascript 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www/js/locales-editions-slug.js?v=20230605114851

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

dc1f34948cbeccb66c1b22633753475c2b3bd39c85c3f4695afba334a7f1fc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 9, 9, 97, 97
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 25745
x-cache: HIT, HIT, HIT, HIT
content-length: 597
x-via-fastly: Verdad
x-served-by: cache-sjc10024-SJC, cache-sjc10024-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:48:20 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.359956,VS0,VE0
etag: W/"2371-1685990900000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: application/javascript
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Mon, 12 Jun 2023 19:01:39 GMT

GET
H2 200 subscribers.js Show response
cdn.subscribers.com/assets/ 64 KB
17 KB 65ms
15ms Script
text/javascript 2606:4700:10::ac43:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.subscribers.com/assets/subscribers.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2b3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec024651598aa96db709baa6ade41b4205cb87eeeb88a8f96aa57c3dff948fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Jun 2023 17:16:29 GMT
server: cloudflare
x-amz-request-id: G0YHMBW4B5ZJKSV2
age: 2759
etag: W/"4587f4c1d6b84e05b7272b2cfee101cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 7d2d1ee38be690dd-FRA
x-amz-id-2: H+gObEDf0ZIpNnuC0xXFtldfNGZqZAHoLfZbbI/kZdK6GPC+E4oa3r7ely3YTqxH7oYaiSiyDbM=

GET
H2 200 get_site_data Show response
cmpv2.csoonline.com/mms/v2/ 198 B
612 B 39ms
18ms XHR
application/javascript 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&account_id=146

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

Resource Hash

5e0784f265f20230748207a0c6311051fc3feb34622c64464a47465a6623119b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 21:40:24 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-32-23
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 16220
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: YkdLixtUYFeZAiaIAyjx8uJEIh71vaQjai5C9xqRXAj0YGjOYOk2ig==

GET
H2 200 get_site_data Show response
cmp.csoonline.com/mms/ 198 B
586 B 225ms
39ms XHR
text/plain 99.84.88.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.csoonline.com/mms/get_site_data?requestUUID=33cb79ce-835a-4245-95dc-83e1f50e19de&account_id=146&href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Requested by

Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-94.muc50.r.cloudfront.net

Software

Resource Hash

5e0784f265f20230748207a0c6311051fc3feb34622c64464a47465a6623119b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-32-195
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=2592000
access-control-allow-credentials: true
x-amz-cf-id: yu9t3OE04wQdxUqPCCKzS2iMWcVoBWAI_iF_fn8tvpb3LgL9NOMLZQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 56ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/ads/gpt_starter.js?1234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729d23030a2bec2d0ba2cd51eab050ebd03d4ca18cd4de8f8e008194125d3f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25224
x-xss-protection: 0
server: cafe
etag: 170 / 19514 / m202306010101 / config-hash: 435238587681776568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 print.css
www.csoonline.com/www.idge/css/ 2 KB
980 B 14ms
12ms Stylesheet
text/css 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/print.css

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

a5e5c781317ce492049cb1f9e1deec67c47bbe5dbd03ec12f688cf7a221a79f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits: 483, 483, 1, 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 499992
x-cache: HIT, HIT, HIT, HIT
content-length: 733
x-via-fastly: Verdad
x-served-by: cache-sjc10039-SJC, cache-sjc10039-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Wed, 24 May 2023 19:36:28 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.359533,VS0,VE1
etag: W/"1871-1684956988000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: text/css
cache-control: max-age=604800
x-vcl-version: 86
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:15:53 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
234 B 42ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vjj6ndp&ht=tk&f=25310.25312.25313.25318&a=113850475&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vjj6ndp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
last-modified: Fri, 21 Apr 2023 13:54:10 GMT
server: nginx
etag: "64429582-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686017444327_399430933_76075170_8_293_6_0_255";dur=1
accept-ranges: bytes
content-length: 5

OPTIONS
H2 200 latest-version
cmpv2.csoonline.com/consent/tcfv2/vendor-list/ Frame 0
0 23ms
22ms Preflight
text/plain 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/consent/tcfv2/vendor-list/latest-version?siteId=3918&accountId=146&hasCsp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=0, s-maxage=600
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-id: moD7NI67WxzFJ3a9m8ILnjRSPYZG2-GjpWenNwD-Ov4Mkt3mIZNEqw==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront

GET
H2 200 latest-version Show response
cmpv2.csoonline.com/consent/tcfv2/vendor-list/ 206 B
697 B 22ms
21ms XHR
application/json 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/consent/tcfv2/vendor-list/latest-version?siteId=3918&accountId=146&hasCsp=true

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

Resource Hash

0185cd1b5473b45e10bc00a3ce552383f9c909ea33c5e5aff496be3f70fdd353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 206
x-amz-cf-id: iEcgnldQ_ByzlHpJE9ECdRiVvif8K1RXFoSHt-gmnSXUNJll5qs9nw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 342 KB
105 KB 75ms
51ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e29f8a9b134eaec2eb1c84a2e212a60e85c78cec2cf83ad26214665b3cfa1861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 f5b3be27-f789-4ef1-8867-37c67da5b361-web.js Show response
cdn.permutive.com/ 587 KB
170 KB 69ms
29ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f6f002861bd83ee77f252a7d0d84f00167a6ebe1392af0814aec41463edfa39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f5b3be27-f789-4ef1-8867-37c67da5b361
age: 0
x-guploader-uploadid: ADPycduD7CeQLCSSPF5APo0ZiwfaNbTdLKfDJyMJsfVQ2KcMynY9IyT9dHjUIic0PKTbESwDYhTyr47NRqcRjtbCON0o
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Wed, 12 Apr 2023 14:36:34 GMT
server: cloudflare
etag: W/"f1498a866eee7722ac76d38581562620"
vary: Accept-Encoding
x-goog-generation: 1681310194596111
content-type: application/javascript
x-goog-hash: crc32c=B4N9lA==, md5=8UmKhm7udyKsdtOFgVYmIA==
cache-control: public, max-age=900
x-goog-stored-content-length: 179052
timing-allow-origin: *
cf-ray: 7d2d1ee3ef699262-FRA
expires: Tue, 06 Jun 2023 02:25:44 GMT

GET
H2 200 cso-logo-idg.svg
idge.staticworld.net/cso/ 4 KB
4 KB 180ms
11ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idge.staticworld.net/cso/cso-logo-idg.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/www.idge.cso/css/article.css?v=20230605114851
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef7755857c07a98436dce7c81f0071da4925b63aa320f6a600eafdc08d620f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: oZFBpEq1ZhNl2KLvmAO7EkSd4kjPfufK
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: C039XPDMZ0NW8B1Z
age: 1669
x-cache: HIT
content-length: 3923
x-amz-id-2: /oNZxMJEslpknsfJUwyYv17O37vNgyyroHazbmHXtPUNytnMmBNrOU1g3swPn2A1AYtnfyTv1po=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Tue, 27 Mar 2018 00:09:02 GMT
server: AmazonS3
x-timer: S1686017445.527809,VS0,VE1
etag: "52e975d0aa09163968fbd12cf29e4088"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 99ms
35ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=011881588825642368632:b0mgdf4z90i

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0b5357a29273b9ceab1faa9dfdff683789983c502fd8d59f4cb62a0815ac1f7c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-w60SMsZolWmAhtZrQHIuog' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-w60SMsZolWmAhtZrQHIuog' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Tue, 06 Jun 2023 02:10:44 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3139
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 CSO-logo-nav.svg
alt.idgesg.net/images/furniture/cso/ 2 KB
2 KB 111ms
9ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alt.idgesg.net/images/furniture/cso/CSO-logo-nav.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/www.idge.cso/css/oc-header.css?v=20230605114851
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb5f4aaf681528b1c83e13a0e9302e9f05132372e35dbc96c95485198028d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 1AZpuIKi8PcjBsPZ3lrXz_o5ZjbADhP.
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: RRX5JC9D6AJ2RMCG
age: 3061
x-amz-meta-origin-date-iso8601: 2019-03-20T14:28:52.000Z
x-cache: HIT
content-length: 2222
x-amz-id-2: zCHI7LVOm+jsqBk/jSXv07/GnuqxibFTYZgKdWCEPDm5pY0pGsYK5XeuOhoagslbvLLqG5dFVEY=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 20 Mar 2019 14:29:23 GMT
server: AmazonS3
x-timer: S1686017445.526664,VS0,VE1
etag: "a826e9631dda67c762e2f43ab9fbe6a6"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 hamburger-v2.svg
alt.idgesg.net/images/furniture/ 610 B
853 B 112ms
10ms Image
image/svg+xml 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alt.idgesg.net/images/furniture/hamburger-v2.svg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/www/css/oc-header.css?v=20230605114851
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 413215e01c47f149df91c6d2281bc5288980420466333b3190d2807c1a5a6966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 1fnsULWZsCA3r7yvlAPj1P80IHmK7W6x
date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 varnish
x-amz-request-id: F4TME3FW10GDSJR1
age: 3158
x-amz-meta-origin-date-iso8601: 2018-12-17T19:19:51.000Z
x-cache: HIT
content-length: 610
x-amz-id-2: jLP8PjhSPKUHtoilMaTfD7fmxfNceaI11K5GBZ6qC5LjX8JujLOW2WD7etDFOvvCxkT7zex2PSk=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 17 Dec 2018 19:20:57 GMT
server: AmazonS3
x-timer: S1686017445.526850,VS0,VE1
etag: "cf32478c18a5e4e5ee7de7180fb12c18"
content-type: image/svg+xml
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 l
use.typekit.net/af/08fe52/00000000000000007735a650/30/ 23 KB
23 KB 34ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/08fe52/00000000000000007735a650/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vjj6ndp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4c19de2a2807b21157d84619e86d71d6afbf4ecf0ee81b0facc3d0b0bfd19f5b

Request headers

Referer: https://use.typekit.net/vjj6ndp.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx
etag: "70600c9f9504b5ae852c963aee91ae0a0d1ed401"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686017444379_399430933_76075256_50_366_6_0_255";dur=1
timing-allow-origin: *
content-length: 23652

GET
H2 200 l
use.typekit.net/af/44c438/00000000000000007735a64e/30/ 23 KB
24 KB 34ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/44c438/00000000000000007735a64e/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vjj6ndp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3472bf5f9320c4b1df7296ee201873128a3cc7db522928274ed50ce0427b190b

Request headers

Referer: https://use.typekit.net/vjj6ndp.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx
etag: "94bbe57e0115db4dccf4e8d9fde8748b577b42c7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686017444399_399430933_76075257_56_332_6_19_255";dur=1
timing-allow-origin: *
content-length: 23796

GET
H2 200 l
use.typekit.net/af/ddf216/00000000000000007735a656/30/ 24 KB
24 KB 38ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ddf216/00000000000000007735a656/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vjj6ndp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 729acdb88a3ec383e54cd9a31fb68c31f2428ab5d3436d2dfb3aec59bcb98763

Request headers

Referer: https://use.typekit.net/vjj6ndp.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx
etag: "e08ab2da79dccecc702fb61496e8a1da7d906e79"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686017444399_399430933_76075258_55_266_6_0_255";dur=1
timing-allow-origin: *
content-length: 24144

GET
H2 200 ss-standard.woff
www.csoonline.com/www.idge/css/webfonts/ 26 KB
27 KB 14ms
9ms Font
font/woff 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/webfonts/ss-standard.woff

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www.idge/css/webfonts/ss-standard.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

d2aae940b6d023c99cbd656bbd0868f51bcf4a93455efef42cc95d8a4c7bceca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Referer: https://www.csoonline.com/www.idge/css/webfonts/ss-standard.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 5526
x-cache: HIT, HIT, HIT, HIT
content-length: 27080
x-via-fastly: Verdad
x-served-by: cache-sjc10057-SJC, cache-sjc10057-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:06 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.377603,VS0,VE1
etag: W/"27096-1685990586000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: font/woff
x-vcl-version: 86
accept-ranges: bytes
x-cache-hits: 45, 45, 1, 1

GET
H2 200 ss-social-circle.woff
www.csoonline.com/www.idge/css/webfonts/ 10 KB
10 KB 13ms
8ms Font
font/woff 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/webfonts/ss-social-circle.woff

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www.idge/css/webfonts/ss-social.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

8982bee74ee4a24031eea6ffe2cf2a3a41b3eee01490dfb4b8a641ef69dc923f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Referer: https://www.csoonline.com/www.idge/css/webfonts/ss-social.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 8008
x-cache: HIT, HIT, HIT, HIT
content-length: 9695
x-via-fastly: Verdad
x-served-by: cache-sjc10050-SJC, cache-sjc10050-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:06 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.377700,VS0,VE1
etag: W/"9732-1685990586000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: font/woff
x-vcl-version: 86
accept-ranges: bytes
x-cache-hits: 65, 65, 1, 1

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 77 KB
78 KB 17ms
12ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 06PVNXGD6WX8K5FV
age: 581543
alt-svc: h3=":443"; ma=86400
content-length: 79072
x-amz-id-2: RXKa0fGLIUo7KRWcill3ErJeuZ1KGSMg0zyTrl5rfG9NWO2zY3IgaRjxvGEJb/38JXicnhYR7rE=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: "59ea9019c9b9bc4d83ab9783e830735c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEo2Mu%2B9t84gTmb9gRqqDqYtqy9Krf3pr0km%2BmLXxwFLITsAjSkOeMoMTQMgu2%2B9epdx%2FpNKP9qnJzUWNINKj1A03poQ8OU6%2F3d1UMGyNDI1nlJ6TG6R9hxasN0ropZqn4uSi5D30f6oMtvQxnT%2Fk1Sj"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7d2d1ee35aac690a-FRA

OPTIONS
H2 200 new-user
cmpv2.csoonline.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame 0
0 22ms
22ms Preflight
text/plain 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A3918%2C%22accountId%22%3A146%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmpv2.csoonline.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.7.0&scriptType=tcfv2&ch=4081074224231148093883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400, s-maxage=1200
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-id: ndhOvfWmxe3bQEbxlJs7frpDHgXGvHga8q903bHo6jkPqwctD6b2ag==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 new-user Show response
cmpv2.csoonline.com/wrapper/tcfv2/v2/gdpr/native-message/ 164 KB
12 KB 44ms
43ms XHR
application/json 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

/ Express

Resource Hash

27ac94d9c50d094c3985e550dcf7f2dd940124539ebf10b33c6093649b5912ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: 7tpc6O_fNOeC5Gxbuanr2yZmFhwfFu9nlRxh3yAjUz_FIwCyDO_iXw==

GET
H2 200 ss-social-regular.woff
www.csoonline.com/www.idge/css/webfonts/ 16 KB
17 KB 161ms
160ms Font
font/woff 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/www.idge/css/webfonts/ss-social-regular.woff

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www.idge/css/webfonts/ss-social.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

3d5629a5cbadabfd67e7c99b9e71569f356ebf7fddabd5b3c24e37b49a48c605

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Referer: https://www.csoonline.com/www.idge/css/webfonts/ss-social.css
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 2486
x-cache: HIT, HIT, HIT, HIT
content-length: 16793
x-via-fastly: Verdad
x-served-by: cache-sjc10044-SJC, cache-sjc10044-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
last-modified: Mon, 05 Jun 2023 18:43:06 GMT
server: Apache-Coyote/1.1
x-timer: S1686017444.459396,VS0,VE153
etag: W/"16804-1685990586000-gzip"
x-frame-options: deny
vary: Accept-Encoding,Cookie
content-type: font/woff
x-vcl-version: 86
accept-ranges: bytes
x-cache-hits: 29, 29, 1, 1

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
391 B 98ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187051&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 96b94268dcf8df15beb19f7d7ffb2617ace4f672d8aaf9f21d9ea49cdecbaae7

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 06 Jul 2023 02:10:44 GMT

OPTIONS
H2 200 pv-data
cmpv2.csoonline.com/consent/tcfv2/consent/v2/data-pipeline/ Frame 0
0 31ms
31ms Preflight
text/html 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true&ch=4081074224231148093883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
allow: POST
cache-control: no-cache
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-id: gQL2EZ7ysemSvYuKtGKyt8BooiBii8wJBU7VnkwtjpMw1rd6ZNM_eQ==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront

POST
H2 200 pv-data Show response
cmpv2.csoonline.com/consent/tcfv2/consent/v2/data-pipeline/ 1 KB
1 KB 31ms
31ms XHR
application/json 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true&ch=4081074224231148093883

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

Resource Hash

46f7931d40c8e0fd7a9738e54bd36430a56d511047fc85b8a2afe6f27cc06a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 2285QJSRmAacjBbIsD08n9VhUQpMfyEViMwHyaLgIbhH1gREc1Ctyg==

GET
H2 200 message_url Show response
cmp.csoonline.com/mms/v2/ 0
458 B 44ms
44ms XHR
application/json 99.84.88.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.csoonline.com/mms/v2/message_url?requestUUID=33cb79ce-835a-4245-95dc-83e1f50e19de&account_id=146&abp=false&href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&consentUUID=undefined&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fccpa-service.sp-prod.net%3A3918%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%22_sp_v1_uid%3D1%3A627%3A57b7fb14-91b5-46e3-8b83-e3b775f2dd45%3B%22%2C%22_sp_v1_data%3D2%3A591288%3A1686017444%3A0%3A1%3A0%3A1%3A0%3A0%3A_%3A-1%3B%22%2C%22_sp_v1_ss%3D1%3AH4sIAAAAAAAAAItWqo5RKimOUbKKpiIjD8QwqI3ViVFKBTHzSnNygOwSsILq2mEjoRQLAKUpDPRAAQAA%22%5D&t[type]=CCPA

Requested by

Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-94.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-32-23
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-sp-mms-env: 1
content-length: 0
pragma: no-cache
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-amz-cf-id: Xty2iQvWYkrVl4n0G1a6VZQwtYWBdQ7yivUAAYScLgTEMmxTr0F9Tg==
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 406 KB
126 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55344
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 10:48:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 50 B
68 B 32ms
16ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.csoonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48594162fadd244f2afa2f3f1e02795f6a04a14398ffc78779bfada998d2b7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 pxid Show response
f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co/v2.0/ 46 B
395 B 67ms
20ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co/v2.0/pxid?k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 60e61bcf02fa91860ade858630d35c21aa624b5a421d03e06e1c3de11d5d9ecb

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
813 B 34ms
7ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:10:44 GMT
AN-X-Request-Uuid: 8d37c15f-3684-4fde-a696-e4804c33bc8f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.csoonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f5b3be27-f789-4ef1-8867-37c67da5b361-models.bin Show response
cdn.permutive.com/models/v2/ 17 KB
13 KB 88ms
70ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f5b3be27-f789-4ef1-8867-37c67da5b361-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356b294ef4bca003a289221d99cabd5cc2d4a719a9beaf59842aa3d5b83253ed

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-goog-meta-oid: f5b3be27-f789-4ef1-8867-37c67da5b361
age: 0
x-guploader-uploadid: ADPycdsclXmhdsqgBRlS4jb03Hl-UwX4tstAKIINyJ521bQi-YEhhNhWmKyTgIzAa3qj6cdqbpnhgf0wPnt9T-NbjHY1_-pYhHL9
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 12197
last-modified: Mon, 05 Jun 2023 06:02:41 GMT
server: cloudflare
etag: "8b8a90f5924e66da52c8b410cebf7b65"
vary: Accept-Encoding
x-goog-generation: 1685944961195885
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=OWBTZg==, md5=i4qQ9ZJOZtpSyLQQzr97ZQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 12197
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2d1ee51dafbb4a-FRA
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 248 B
360 B 51ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: ebb85dc814b0a049df31e344c469b22ac5ea21c710d617e707afe279bdbba8bf

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 492 B
375 B 51ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: a57a9ec711144c085f1ee9dec14fd091371885b5bc338a942d92f1460c06ffd7

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 310

GET
H2 200 tso Show response
www.csoonline.com/ads/ 16 B
271 B 9ms
8ms XHR
application/json 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/ads/tso?localeId=10

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

2aa4924d40619a50c69124b81159e9d183bf42ed9792d2bdf442ce232fc53221

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 1241
x-cache: HIT, HIT, HIT, HIT
content-length: 36
x-via-fastly: Verdad
x-served-by: cache-sjc10058-SJC, cache-sjc10058-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.657656,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: application/json;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 1, 1, 1, 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 38ms
12ms Script
application/javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:12:02 GMT
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4066
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: IaUZ6UF8mWVTrV4H7z4qkP735Abu0uSEJ6legtBQR2fY4RDpDOjG0g==

GET
H2 200 / Show response
api.ipify.org/ 63 B
138 B 853ms
150ms Script
application/javascript 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery110207407153452604878_1686017444115&_=1686017444116
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: /
Resource Hash: 6e5e58e4604484e2e5dfad6ce515e5e40c63ba836627d1d45fd7cac13d334f97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
content-length: 63
vary: Origin
content-type: application/javascript

GET
H2 200 eedeabb0-9a59-4b6b-9df3-e55745819adf.json Show response
cdn.subscribers.com/config/ 3 KB
3 KB 233ms
212ms Fetch
text/json 2606:4700:10::ac43:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.subscribers.com/config/eedeabb0-9a59-4b6b-9df3-e55745819adf.json
Requested by: Host: cdn.subscribers.com
URL: https://cdn.subscribers.com/assets/subscribers.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2b3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e09fbd583a70f558a1d941f785b393b785030c7b12dece108722fae94595cba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 0A86NDNQF5DBZKD1
x-amz-server-side-encryption: AES256
content-length: 3009
x-amz-id-2: gi2/ZX5feAYrzffFzuKNZe89jqW8Oob1GMQPLgMN9LbSwYYWGe80NuyrjR/DWQLEU68GVIzv39A=
last-modified: Mon, 05 Jun 2023 20:15:59 GMT
server: cloudflare
etag: "86c7bc8773ced172ef5df73e19ecff86"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/json
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 7d2d1ee54bc21c7f-FRA

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/ffd60a64b75d4cdb/ 308 KB
102 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ffd60a64b75d4cdb/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=011881588825642368632:b0mgdf4z90i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5d92a16047c75a0d99acb04a68e4ab4ffa5c903103bc74df11e58d7a38994c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:14:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104753
x-xss-protection: 0
last-modified: Fri, 26 May 2023 16:15:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 01 Jun 2024 18:14:56 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/ffd60a64b75d4cdb/ 41 KB
41 KB 35ms
9ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ffd60a64b75d4cdb/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=011881588825642368632:b0mgdf4z90i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:48:56 GMT
x-content-type-options: nosniff
age: 213708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41811
x-xss-protection: 0
last-modified: Fri, 26 May 2023 16:15:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 02 Jun 2024 14:48:56 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 46ms
20ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=011881588825642368632:b0mgdf4z90i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 06 Jun 2023 02:12:05 GMT

OPTIONS
H2 200 display-dns
ccpa-service.sp-prod.net/ccpa/consent/3918/ Frame 0
0 299ms
96ms Preflight
text/html 23.21.213.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ccpa-service.sp-prod.net/ccpa/consent/3918/display-dns?requestUUID=33cb79ce-835a-4245-95dc-83e1f50e19de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-213-43.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.csoonline.com
allow: POST
cache-control: no-cache
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains

POST
H2 200 display-dns Show response
ccpa-service.sp-prod.net/ccpa/consent/3918/ 649 B
972 B 102ms
101ms XHR
application/json 23.21.213.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ccpa-service.sp-prod.net/ccpa/consent/3918/display-dns?requestUUID=33cb79ce-835a-4245-95dc-83e1f50e19de

Requested by

Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.213.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-213-43.compute-1.amazonaws.com

Software

Resource Hash

cfd65e299072d509981227de13e5b5f213375a2ee655518d6d96d316e48a1aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 649

GET
BLOB 200
OK 12c670d0-6151-4d57-97af-354b379f369b
https://www.csoonline.com/ 254 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.csoonline.com/12c670d0-6151-4d57-97af-354b379f369b
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1104b2d009e0442e2c4c6c1ddf1ebd49ea3a90aaa1ab81f274f70e581113c9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length: 259904
Content-Type

GET
BLOB 200
OK a9932cae-3c0b-479d-9a6c-099a807777d9
https://www.csoonline.com/ 254 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.csoonline.com/a9932cae-3c0b-479d-9a6c-099a807777d9
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1104b2d009e0442e2c4c6c1ddf1ebd49ea3a90aaa1ab81f274f70e581113c9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length: 259904
Content-Type

GET
H2 200 t Show response
jadserve.postrelease.com/ 7 KB
3 KB 109ms
35ms Script
text/javascript 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&ntv_mvi&ntv_kv=channel*vulnerabilities
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 1d7b1c5add3c5528fe12f809aff8678f0793b2bca47313429d242b607651aad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2376
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 tile Show response
www.csoonline.com/napi/ 77 B
226 B 162ms
161ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=blox4.dynamic&geo=10&definition=nav.fixed&placement=Nav+Fixed

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

6ccbc734f00e46668252ae9d10341f50adabda27ba89547f1700899ed85f5338

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 3727
x-cache: HIT, HIT, MISS, MISS
content-length: 34
x-via-fastly: Verdad
x-served-by: cache-sjc10069-SJC, cache-sjc10069-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.729103,VS0,VE153
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 4, 4, 0, 0

GET
H2 200 tile Show response
www.csoonline.com/napi/ 72 B
398 B 15ms
14ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=blox4.dynamic&geo=10&placement=Nav+Mega+Column+1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

76c910bb824e43c77431224a89550f49bade4de45b824c1cfc7e94144090dc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 14841
x-cache: HIT, HIT, HIT, HIT
content-length: 34
x-via-fastly: Verdad
x-served-by: cache-sjc10050-SJC, cache-sjc10050-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.730128,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 67, 67, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 72 B
185 B 167ms
167ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=blox4.dynamic&geo=10&placement=Nav+Mega+Column+2

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

76c910bb824e43c77431224a89550f49bade4de45b824c1cfc7e94144090dc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 3449
x-cache: HIT, HIT, MISS, MISS
content-length: 34
x-via-fastly: Verdad
x-served-by: cache-sjc10077-SJC, cache-sjc10077-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.735185,VS0,VE157
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 1, 1, 0, 0

GET
H2 200 tile Show response
www.csoonline.com/napi/ 72 B
209 B 18ms
18ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=blox4.dynamic&geo=10&placement=Nav+Mega+Column+3

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

76c910bb824e43c77431224a89550f49bade4de45b824c1cfc7e94144090dc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 14841
x-cache: HIT, HIT, HIT, HIT
content-length: 34
x-via-fastly: Verdad
x-served-by: cache-sjc10058-SJC, cache-sjc10058-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.743410,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 15, 15, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 72 B
183 B 17ms
15ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=blox4.dynamic&geo=10&placement=Nav+Mega+Column+4

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

76c910bb824e43c77431224a89550f49bade4de45b824c1cfc7e94144090dc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 8344
x-cache: HIT, HIT, HIT, HIT
content-length: 34
x-via-fastly: Verdad
x-served-by: cache-sjc10077-SJC, cache-sjc10077-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.743516,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 8, 8, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 125 B
181 B 10ms
9ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=listItemList&genericIfCategoryEmpty=true&includeArticles=true&pageSize=4&queryKey=BestTechDeals&typeId=16&wrapperElement=ul&itemTemplate=%2Fwww.idge%2F_shared%2Fcomponents%2Fmodules%2Fitem%2Frelated-articles.jsp

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

b5a291b53145791eb26ce6e36a5e4d81b79a8d6f477928f9f5b72ec0b6d0f5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: */*
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 7310
x-cache: HIT, HIT, HIT, HIT
content-length: 31
x-via-fastly: Verdad
x-served-by: cache-sjc10080-SJC, cache-sjc10080-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.777719,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 70, 70, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 4 KB
857 B 9ms
8ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=listItemList&genericIfCategoryEmpty=true&includeArticles=true&pageSize=4&queryKey=TechconnectDeals&brandOwnerOnly=true&brandOwner=4194304&wrapperElement=ul&itemTemplate=%2Fwww.idge%2F_shared%2Fcomponents%2Fmodules%2Fitem%2Frelated-articles.jsp

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

5f1b5087fa315ca0fd65c68e2ef58ce1c33fee26d59cd0fce07458afa3f2fe8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: */*
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 8880
x-cache: HIT, HIT, HIT, HIT
content-length: 706
x-via-fastly: Verdad
x-served-by: cache-sjc10020-SJC, cache-sjc10020-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.777676,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 91, 91, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 47 B
381 B 10ms
9ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=editfakeSideBar&geo=10&aid=3698512

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

d2d4f317dcf44ab195d049f781fd353562cf0fa08474e0c659f0fa06609d5529

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 413
x-cache: MISS, MISS, HIT, HIT
content-length: 35
x-via-fastly: Verdad
x-served-by: cache-sjc10060-SJC, cache-sjc10060-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.783247,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 0, 0, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 47 B
197 B 14ms
13ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=sponsoredfakeSideBar&geo=10&aid=3698512

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

d2d4f317dcf44ab195d049f781fd353562cf0fa08474e0c659f0fa06609d5529

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 413
x-cache: MISS, MISS, HIT, HIT
content-length: 35
x-via-fastly: Verdad
x-served-by: cache-sjc10078-SJC, cache-sjc10078-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.791718,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 0, 0, 1, 1

GET
H2 200 tile Show response
www.csoonline.com/napi/ 47 B
169 B 12ms
12ms XHR
text/html 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/napi/tile?def=nativefakeSideBar&geo=10&aid=3698512

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/www/js/jquery/jquery-1.10.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.165 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

d2d4f317dcf44ab195d049f781fd353562cf0fa08474e0c659f0fa06609d5529

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Jun 2023 02:10:44 GMT
age: 413
x-cache: MISS, MISS, HIT, HIT
content-length: 35
x-via-fastly: Verdad
x-served-by: cache-sjc10041-SJC, cache-sjc10041-SJC, cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
server: Apache-Coyote/1.1
x-timer: S1686017445.793773,VS0,VE1
x-frame-options: deny
x-fastly-ttl: 14400.000
content-type: text/html;charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=14400
x-vcl-version: 86
accept-ranges: bytes
x-fastly-stale: 432000.000
x-cache-hits: 0, 0, 1, 1

GET
H2 200 index.html Show response
cmpv2.csoonline.com/ Frame AE07 5 KB
2 KB 8ms
7ms Document
text/html 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
Requested by: Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20c582bceb348344872811c400dea6c6f2f8cb7e5c547a9a41d8a072d4c5f08d

Request headers

Referer: https://www.csoonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1075
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Tue, 06 Jun 2023 01:55:26 GMT
etag: W/"b57a49c6d1351d4b6b39db136aa097c0"
last-modified: Thu, 27 Apr 2023 16:59:03 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
x-amz-cf-id: 5wG1mPV1J7Kq7ZeSVzgsDL2TM-_pLgnM-imHvWShL0j-f2xZy2GdIw==
x-amz-cf-pop: MUC50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
77 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WC9SK&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21ce85a4748bf10989839f43d9da57c3d3303584ead5261ead77732a5184c196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78830
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 api.js Show response
w.soundcloud.com/player/ 5 KB
6 KB 37ms
7ms Script
application/javascript 108.138.36.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-28.muc50.r.cloudfront.net

Software

am/2 /

Resource Hash

fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:08:23 GMT
via: sssr, 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
last-modified: Wed, 24 May 2023 09:03:57 GMT
server: am/2
x-amz-cf-pop: MUC50-P2
age: 141
etag: W/"15a4-1884d002c48"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
cache-control: public, max-age=300
accept-ranges: bytes
content-length: 5540
x-amz-cf-id: OwckmCL4dJ2YkOlYQvtNlTFykrHvGsC72HHY99s4Qsnfvyj5_WjJKg==

GET
H2 200 foundry.js Show response
cdn.brandmetrics.com/tag/204b11895d4d4bcda0a6cefefc2b747d/ 5 KB
3 KB 51ms
21ms Script
text/javascript 2606:4700:20::681a:d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/204b11895d4d4bcda0a6cefefc2b747d/foundry.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c7b0d1505f8ee7de88bfad7de89af2514174595bc36a2f00a016a98c3189d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Jun 2023 02:01:01 GMT
server: cloudflare
age: 583
cf-polished: origSize=5451
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqxVauEWsNSw9e4JHkWzU07F%2FgzZHk%2BpS5BJVp%2Fca4PTyf1wn3Sada%2Bldv1beCh8kY2V194o7Z0JWJkAIJAOOeAXHzB0KwHgTNzQwkWixXbL2MCyUvTXWtLW7LgNxTvrZXpgFS8nDfIHohReltpdnAwl"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d2d1ee66b259b6a-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
86 B 36ms
20ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6e8c26c6320c978215154055c56331c307c092ab5bb1ef2d0f6571ce95ba5a31

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 00:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 06 Jun 2023 02:35:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LKE46QM5TV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17c26bfbfbcb9dcedb124c13cebcf3b564029348657e0454932736aece1d68b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 02:10:44 GMT

GET
H2 200 Notice.4bddf.css
cmpv2.csoonline.com/ Frame AE07 33 KB
6 KB 11ms
8ms Stylesheet
text/css 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/Notice.4bddf.css
Requested by: Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 178927b65afb5ad2b16ff8268ad6e840ff2d8b6dea202db85ff7ad493c5e81b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:42:08 GMT
content-encoding: gzip
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 16:59:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 1974
x-amz-server-side-encryption: AES256
etag: W/"f960b2583e693a21fa5e7dd0ca15ac17"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: fU0gp7fy3uz5dQU50KcLxONZ7SF9zJuT1ECbOmDar-Jiq4NBUpAfhg==

GET
H2 200 polyfills.d36c5.js Show response
cmpv2.csoonline.com/ Frame AE07 5 KB
2 KB 11ms
8ms Script
text/javascript 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/polyfills.d36c5.js
Requested by: Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:50:23 GMT
content-encoding: gzip
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 16:59:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 1239
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: enOcC1ViHzKLJLjqihJLldjfrAZJrg6xx1u2Vmu6pTXa4zv_DcdqbA==

GET
H2 200 Notice.89bd8.js Show response
cmpv2.csoonline.com/ Frame AE07 263 KB
69 KB 12ms
9ms Script
text/javascript 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/Notice.89bd8.js
Requested by: Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d812930726ce29dd3b9d1dae01e74e4f383a19c49526e11a484a7cc8a50ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:56:56 GMT
content-encoding: gzip
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 16:59:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 852
x-amz-server-side-encryption: AES256
etag: W/"aad96c90f00a37f6b24220c104d0ff2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: _vFzxNpLFL_JSfRuMOg2yaVgp__dJfQnPk0juizYOp0TQ12Ju2geDQ==

GET
H2 200 ttj Show response
ib.3lift.com/ 6 KB
3 KB 51ms
16ms Script
application/javascript 108.138.36.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=tan_CSOOnline_MOAP
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-58.muc50.r.cloudfront.net
Software: /
Resource Hash: 9473af41ec87b6f7366cc37b5ade750f75871a2fb4bddeafe3464645d5ae8989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:00:44 GMT
content-encoding: gzip
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 601
etag: "936f058381272a9e30bc9911c83d388062fa81ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 2829
x-amz-cf-id: fP4nHNjB1suAZGKp55jMrIFHsV-QqzZxu9aUMovSf4JM2v2LU0LxQw==

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 49ms
8ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9335
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43895
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 34ms
32ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5415965&ntv_pl=787043
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 35ms
32ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=7324b768-21cd-46aa-88e6-b106913ba2e2&ntv_fl=sx1m-i7rb_31l_AoDvFzpBxUEUS5YP4jo7iARt1b1bZAsiIrXTI1_zk9IEThoptl1v-qP7HbjR1ZuWERLLpwD5bOWweqiOqGAegWjNFvicXrj0ymHOBUm4jshLYMb1rDHfy-FFFjFJ9p07d7410OcHb3eXlsqKxA8oi5EwY_I9pUAa2wwJfQwsHS1xl1rbZomZ1Dbgsk3d54YJwNmGXmqYMApX4sd0vd3Z2y8UBe6r2Bxxz3Y0_Bkd9Gpahsigm2T8RXCfxNvvcr2hhStamcDdkg4d4gzyyIs9oploRqbJc=&ntv_ht=pJV-ZAA&ntv_at=303,302&ntv_a=AAAAAAAAAA7HgQA&ord=1686017444959&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 36ms
33ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=7324b768-21cd-46aa-88e6-b106913ba2e2&ntv_fl=sx1m-i7rb_31l_AoDvFzpBxUEUS5YP4jo7iARt1b1bZAsiIrXTI1_zk9IEThoptl1v-qP7HbjR1ZuWERLLpwD5bOWweqiOqGAegWjNFvicXrj0ymHOBUm4jshLYMb1rDHfy-FFFjFJ9p07d7410OcHb3eXlsqKxA8oi5EwY_I9pUAa2wwJfQwsHS1xl1rbZomZ1Dbgsk3d54YJwNmGXmqYMApX4sd0vd3Z2y8UBe6r2Bxxz3Y0_Bkd9Gpahsigm2T8RXCfxNvvcr2hhStamcDdkg4d4gzyyIs9oploRqbJc=&ntv_ht=pJV-ZAA&ntv_at=806&ntv_a=AAAAAAAAAAYwIMA&ntv_sat=5&ord=1686017444965&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 35ms
33ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=7324b768-21cd-46aa-88e6-b106913ba2e2&ntv_fl=sx1m-i7rb_31l_AoDvFzpBxUEUS5YP4jo7iARt1b1bZAsiIrXTI1_zk9IEThoptl1v-qP7HbjR1ZuWERLLpwD5bOWweqiOqGAegWjNFvicXrj0ymHOBUm4jshLYMb1rDHfy-FFFjFJ9p07d7410OcHb3eXlsqKxA8oi5EwY_I9pUAa2wwJfQwsHS1xl1rbZomZ1Dbgsk3d54YJwNmGXmqYMApX4sd0vd3Z2y8UBe6r2Bxxz3Y0_Bkd9Gpahsigm2T8RXCfxNvvcr2hhStamcDdkg4d4gzyyIs9oploRqbJc=&ntv_ht=pJV-ZAA&ntv_at=321,322,333&ntv_a=AAAAAAAAAA7HgQA&ntv_jlt=590&ntv_jad=245&ntv_jte=10&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 66ms
64ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=f139e4b3-36a8-4ff6-b0b3-e4f363eed1eb&ntv_fl=UP8B7SdIPDJsQ-gGZI79ip3XJ_UrCLJb6z0gvDs7j_AiH7NUCDyEpGup5RISy4r7jp2J_oI1X2vK1xfg80HdD99IoJt0ZyITkbfFdan8q9JkEUHwvoPHzaju3paOXkfhwl7FyGTvPytuXlfrkT1peFhsUrLuEiHsimIOoaCb2Qzn-unL7jhbHXBMGOhtcIzZ5jCw821GGAhT0jAjQuU2vjqkYg2txqLTeQV7eRq6vLLr9fMk1SDxE0q7ZP_FtNgmyfacws_VVPwA-PC_Tt8lp3YzH-KvUM4mkHXorryoqFE=&ntv_ht=pJV-ZAA&ntv_at=303&ntv_a=AAAAAAAAAAYwIMA&ord=1686017444965&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 35ms
34ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=f139e4b3-36a8-4ff6-b0b3-e4f363eed1eb&ntv_fl=UP8B7SdIPDJsQ-gGZI79ip3XJ_UrCLJb6z0gvDs7j_AiH7NUCDyEpGup5RISy4r7jp2J_oI1X2vK1xfg80HdD99IoJt0ZyITkbfFdan8q9JkEUHwvoPHzaju3paOXkfhwl7FyGTvPytuXlfrkT1peFhsUrLuEiHsimIOoaCb2Qzn-unL7jhbHXBMGOhtcIzZ5jCw821GGAhT0jAjQuU2vjqkYg2txqLTeQV7eRq6vLLr9fMk1SDxE0q7ZP_FtNgmyfacws_VVPwA-PC_Tt8lp3YzH-KvUM4mkHXorryoqFE=&ntv_ht=pJV-ZAA&ntv_at=808&ntv_a=AAAAAAAAAAYwIMA&ntv_sat=5&ord=1686017444966&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 34ms
33ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=967ec9f5-93df-4eed-a7cf-c8ca9b6f1886&ntv_fl=eRAlJJJ8dVtbO-P0Yu7F97JcNTPzW1AMf2Fa6D3mMwQQyi4mtF58TdR7XrW-ZaeeSaZTkSYGdvtVeyeu7YZAgDDUN3dLtDOZwHYGpyceoWD5--CKlmC3yXiJ70RHPwA8ajYsb5T0AjLo4WLQIgtrkKQsxiErlEhw_VaLCssqVS4sLoD8MDgfRxwHi53scisXshb7ohI5A9YE9d0qLGVeWxq6t5DgMp8147bYWzWSdtOyNwQYV6gKdvOom6_bG51_6YekeKk-OqVqiVhGPKfrTQVvhp4nA4x2AsmDKsqXuDI=&ntv_ht=pJV-ZAA&ntv_at=303&ntv_a=AAAAAAAAAAd-oQA&ord=1686017444966&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 35ms
34ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=967ec9f5-93df-4eed-a7cf-c8ca9b6f1886&ntv_fl=eRAlJJJ8dVtbO-P0Yu7F97JcNTPzW1AMf2Fa6D3mMwQQyi4mtF58TdR7XrW-ZaeeSaZTkSYGdvtVeyeu7YZAgDDUN3dLtDOZwHYGpyceoWD5--CKlmC3yXiJ70RHPwA8ajYsb5T0AjLo4WLQIgtrkKQsxiErlEhw_VaLCssqVS4sLoD8MDgfRxwHi53scisXshb7ohI5A9YE9d0qLGVeWxq6t5DgMp8147bYWzWSdtOyNwQYV6gKdvOom6_bG51_6YekeKk-OqVqiVhGPKfrTQVvhp4nA4x2AsmDKsqXuDI=&ntv_ht=pJV-ZAA&ntv_at=808&ntv_a=AAAAAAAAAAYwIMA&ntv_sat=5&ord=1686017444966&ntv_it
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:44 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 b2
sb.scorecardresearch.com/ 0
225 B 12ms
12ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035308&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686017444972&ns_c=UTF-8&c3=&c5=Vulnerabilities&c6=Article%3A%20News%20Analysis&c15=3698512&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=DE&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=2&cs_fpcd=1&c7=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&c8=Clop%20ransomware%20gang%20exploits%20the%20MOVEit%20Transfer%20vulnerability%20to%20steal%20data%20%7C%20CSO%20Online&c9=
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:44 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: JGerhZ7uCEDF0xuRFdBOUOOFUAMHiv0j60FyFcNy18FYQeghnQ940Q==
x-cache: Miss from cloudfront

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ffd60a64b75d4cdb/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccf77f390ce6fd71f2edeb05e72bfacf6bfbd2dbbdc9edfd99cf87100f402185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15353194691974787369"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 06 Jun 2023 02:10:45 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 53ms
7ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 01:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Jun 2023 02:52:44 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
324 B 45ms
17ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LKE46QM5TV&gtm=45je35v0&_p=1095059811&cid=372335443.1686017445&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686017445&sct=1&seg=0&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&dt=Clop%20ransomware%20gang%20exploits%20the%20MOVEit%20Transfer%20vulnerability%20to%20steal%20data%20%7C%20CSO%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&ep.articleId=3698512&ep.author=Lucian%20Constantin&ep.datePublished=2023-06-05&ep.dateUpdated=2023-06-05&ep.goldentaxonomyIdPrimary=942&ep.goldentaxonomyIdList=71%2C949&ep.goldentaxonomyIdAll=942%2C%2071%2C%20949&ep.categoryIdList=3308%2C4046%2C3346&ep.categoryIdPrimary=3308&ep.primaryCategory=vulnerabilities&ep.primaryCategoryAll=vulnerabilities%2C%20ransomware%2C%20data%20breach&ep.primaryCategoryList=ransomware%2Cdata%20breach&ep.articleType=News%20Analysis&ep.audience=enterprise&ep.contentType=newsanalysis&ep.displayType=article&ep.Edition=de&ep.Platform=Web&ep.Property=cso%20online&ep.propertyCountry=US&ep.skimlinksId=111346X1569475&ep.Source=cso&ep.articleLocale=global&ep.categoryIdAll=3308%2C4046%2C3346&ep.Environment=production&ep.insiderSignedIn=false&ep.isBlog=false&ep.isInsiderContent=false&ep.isICN=false&ep.sponsorName=&up.jobPosition=&up.industry=&up.firstSessionDate=Tue%2C%2006%20Jun%202023%2002%3A10%3A44%20GMT&up.lastSessionDate=Tue%2C%2006%20Jun%202023%2002%3A10%3A44%20GMT&upn.daysSinceLastSession=0&upn.sessionNumber=1&up.insiderSignedIn=false&up.userId=&up.hasRegCookie=&up.jobFunction=&up.insiderProSignedIn=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKE46QM5TV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub.531979.min.js Show response
www.dwin2.com/ 461 KB
131 KB 58ms
9ms Script
text/javascript 2600:9000:2156:e00:f:1dcc:7540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin2.com/pub.531979.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WC9SK&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bf61c7f2b1f0a79d9efed4e02525f461b5e4892ce737a07fe81f54837155fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date: Tue, 06 Jun 2023 02:09:05 GMT
last-modified: Mon, 05 Jun 2023 19:12:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 124
x-amz-server-side-encryption: AES256
etag: W/"deff2ce296e89a5a3c060e853babc396"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=600
x-amz-cf-id: 7jPkOpCAEbdxaJpyaFLZ_rQSTKBf-1yfrmqD8glznvbhMEYSguOjVA==

GET
H2 200 css2
fonts.googleapis.com/ Frame AE07 4 KB
1003 B 44ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c0084a5075fbd8177e85f6e8d5401f016387735fd92accf20ce5d5da375befa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmpv2.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 02:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 01:24:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 02:10:45 GMT

GET
H2 200 categories Show response
cmpv2.csoonline.com/consent/tcfv2/vendor-list/ Frame AE07 1 KB
1 KB 24ms
23ms Fetch
application/json 99.84.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/consent/tcfv2/vendor-list/categories?siteId=3918&consentLanguage=en

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/Notice.89bd8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-27.muc50.r.cloudfront.net

Software

Resource Hash

96753f997cca08f5d79ee77443fec431dc00ed61d45d8d36fd2d8584a20aa198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmpv2.csoonline.com/index.html?message_id=773117&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fcmpv2.csoonline.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: mtuqU0AAlhMVE06BTRPvOms4Dr9-uqAnPKS3uYU_joni0wszCDMbpA==

GET
H2 200 cso-logo-100800397-orig.jpg
images.idgesg.net/images/article/2019/06/ Frame AE07 14 KB
15 KB 286ms
11ms Image
image/jpeg 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.idgesg.net/images/article/2019/06/cso-logo-100800397-orig.jpg
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0d5886513eda3107d1e40683961d54cac4de14f95f2656b848d1c019293c2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmpv2.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: TkO72FvGpYGON8HVMwG6OxoCRUar99ad
date: Tue, 06 Jun 2023 02:10:45 GMT
via: 1.1 varnish
x-amz-request-id: A24W15WZ9TAH6JKH
age: 1634
x-cache: HIT
fastly-io-info: ifsz=18131 idim=382x189 ifmt=jpeg ofsz=14474 odim=382x189 ofmt=jpeg
fastly-stats: io=1
content-length: 14474
x-amz-id-2: AzhRflE0bWkuQQ9Ka3XfLLbekfhtZtI5JGAe5gpwoG0keitpH/qOctmcwcB9B1VG90KwkzpvbmM=
x-served-by: cache-fra-eddf8230089-FRA
server: AmazonS3
x-timer: S1686017445.476066,VS0,VE1
etag: "cPl46LE9tYXJlkOOtuDnC1Dacz9Zqt7x/zj49jS7z8Y"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 47 KB
15 KB 15ms
14ms Script
text/javascript 2606:4700:20::681a:d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/204b11895d4d4bcda0a6cefefc2b747d/foundry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d59ba61fff4fd336c5735d54fcf8c11a090938ba68eb8ea1c573fb6ba3ac89c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Jun 2023 02:04:19 GMT
server: cloudflare
age: 386
cf-polished: origSize=48740
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7tapVinpxYGFPW4qUEa4%2Fn%2FogXYS7akFp9vED%2FTrkQpmjT0B%2FBi2DTldJ5rzu64p4LD%2BL6G%2Fy9PZ4PohB4I4yCCTvaUrp3gO4q6zR1cDZ48Lw5v4tfsmOFfOKXIdTQGDYo2zqIzkPZcX%2FpJ9hWXDonp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d2d1ee88cbd9b6a-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/e340837f583a50cea3f0e330583c33f5d73e2405/dist/ 184 KB
59 KB 8ms
7ms Script
text/javascript 108.138.36.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/e340837f583a50cea3f0e330583c33f5d73e2405/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=tan_CSOOnline_MOAP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-58.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebd96e2407b461086d487e9bee053368f83b71783544efb9dcf53e8766b5331f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 20:40:39 GMT
content-encoding: gzip
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 365407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 59846
last-modified: Thu, 01 Jun 2023 20:40:13 GMT
server: AmazonS3
etag: "9b6e80dcb55efcb4a0c6cd63cd6d29e7"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: WKq_22qa4XUioqOYnZE4VaBWJ5KutljHQyLaJYd0kX8LwF0Am_uR7Q==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
323 B 72ms
50ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 9335 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
252 B 411ms
410ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9335?t=20235622
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:45 GMT
last-modified: Tue, 18 Nov 2014 20:18:12 GMT
server: AmazonS3
x-amz-request-id: B17D55F7DE27FB81
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=2384
accept-ranges: bytes
content-length: 0
x-amz-id-2: mIU50l84eryBjMRqOnAd1Wue1SPq7w6EiQwUrn6rNchVVQCR2FTaNBeV7eOeh+EnU1pv9ak3kX4=

GET
H2 200 init.js Show response
www.dwin2.com/ 10 KB
5 KB 8ms
8ms Script
text/javascript 2600:9000:2156:e00:f:1dcc:7540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin2.com/init.js
Requested by: Host: www.dwin2.com
URL: https://www.dwin2.com/pub.531979.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b2dffaf0181b05895947a7a1f9ce485cc24f2ae4e2fa6d565ed024489af2596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date: Tue, 06 Jun 2023 02:00:56 GMT
last-modified: Tue, 06 Jun 2023 01:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 590
x-amz-server-side-encryption: AES256
etag: W/"36e53ea10c908bb4c567dc93a906d5b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=600
x-amz-cf-id: 6fQZCPGEZlB_guiSDnBHTvIEpDr-Apf68u_2QS-XStVgmMVc8pES7Q==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 15ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1095059811&t=pageview&_s=1&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&ul=en-us&de=UTF-8&dt=Clop%20ransomware%20gang%20exploits%20the%20MOVEit%20Transfer%20vulnerability%20to%20steal%20data%20%7C%20CSO%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjAAQCACAAI~&jid=721603573&gjid=474366574&cid=372335443.1686017445&uid=&tid=UA-300704-9&_gid=177774264.1686017445&_r=1&_slc=1&gtm=45He3650h2n81WR6LD2P&cg1=vulnerabilities&cg2=newsanalysis&cg3=Lucian%20Constantin&cg4=article&cg5=de&cd1=false&cd2=&cd3=&cd4=notapplicable&cd5=Tue%2C%2006%20Jun%202023%2002%3A10%3A44%20GMT&cd6=Tue%2C%2006%20Jun%202023%2002%3A10%3A44%20GMT&cd7=0&cd8=1&cd9=production&cd10=cso%20online&cd11=US&cd12=enterprise&cd13=false&cd14=&cd15=Web&cd16=&cd17=vulnerabilities&cd18=3308&cd19=vulnerabilities%2C%20ransomware%2C%20data%20breach&cd20=3308%2C%204046%2C%203346&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=newsanalysis&cd27=3698512&cd28=article&cd29=Lucian%20Constantin&cd30=cso&cd31=false&cd32=&cd33=&cd34=&cd35=&cd36=&cd37=false&cd38=1&cd39=2023-06-05&cd40=2023-06-05&cd41=0&cd42=0&cd43=false&cd44=false&cd45=&cd46=false&cd47=&cd48=&cd49=&cd50=&cd51=&cd52=&cd53=942&cd54=942%2C%2071%2C%20949&cd55=&cd56=&cd58=&cd59=&cd60=&cd79=de&cd80=global&cd81=false&cd82=false&cd84=&cd104=false&z=201022076

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
78 B 22ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 02:10:45 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
238 B 171ms
114ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3810&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1e9b163271d0ba86
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 172ms
115ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o2bzg&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ae97478092bc60d4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
213 B 178ms
122ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cv9&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 08ccce47c9c99d0f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 175ms
118ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3804&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 366e6d27d626d859
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 169ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3800&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2d088c936a6bc60a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 184ms
128ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3811&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 117
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8bd2d3d38d2f1d76
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 118ms
114ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3812&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ac0a360e9cea8f37
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 118ms
114ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3815&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ef33e94f022813e3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 130ms
126ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3ao8&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: eb34abeef669bc85
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 122ms
118ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o381a&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 68fcabe9b12fa6ab
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 134ms
130ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3ao7&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 114
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9e61f259af4188e5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 127ms
123ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cwm&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 46cf88459d1647e9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 130ms
127ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cwh&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e2feb418afe8ac6d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 127ms
124ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cwc&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 452b561da05f97e5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 133ms
130ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cwb&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 113
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4a2f4516320379d3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
212 B 124ms
120ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3aok&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ae80cbedc2054967
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
209 B 133ms
129ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3aoj&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0b2f14ebdc51aed3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 134ms
131ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3aoe&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 114
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b1c64b4ea6058730
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 135ms
131ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3gt9&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 114
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 088a72e19423d19f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 127ms
124ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3jky&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fff9ffb1a6a810d6
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 133ms
130ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0j&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 020d8b4c6427736d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 128ms
125ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0l&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e765490b9e8c29dd
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 122ms
119ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0n&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5a8fd04e72774343
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 132ms
129ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0q&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 78d63acb704fb58e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 132ms
128ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0r&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1da9a5461671c761
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 135ms
132ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0t&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 117
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fcab605634ae2831
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 136ms
132ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0z&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 118
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e129ca1efd3dd9ac
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 128ms
125ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m12&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 157f4f812159f9c4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
212 B 134ms
131ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3siu&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3a3da431dd77e45d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 124ms
121ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o45cu&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8b68d6b64ced5af4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
208 B 124ms
121ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4o59&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 21fb1113227ab645
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 127ms
124ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4o5b&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e077f64b7e7f0f30
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
209 B 128ms
125ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4o5g&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e2312c8c664c0706
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 122ms
119ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4t22&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3cac5b7c2b590dab
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
209 B 125ms
122ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4t23&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9e6a33cfcdc82c05
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 124ms
121ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4t1y&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: dd513181f93ceece
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 122ms
120ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4t1z&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4d1bdfc48f9a95ab
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
210 B 126ms
123ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4tas&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: dbab87a3a6fc090f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
211 B 125ms
122ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o4tat&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:44 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 987d82cbe9f493b7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 pixel.gif
pixel.staticworld.net/ 67 B
285 B 315ms
215ms Image
image/gif 151.101.194.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.staticworld.net/pixel.gif?b=cso&e=view&t=article&id=3698512&ts=1686017445541&ip=
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.165 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230089-FRA
date: Tue, 06 Jun 2023 02:10:45 GMT
via: 1.1 varnish
last-modified: Tue, 28 Nov 2017 22:37:51 GMT
server: AmazonS3
x-amz-request-id: R26TEC3EQZER9MRB
x-timer: S1686017446.644929,VS0,VE208
etag: "c2db45a8f494c4b40095f4fd38d613fd"
x-cache: MISS
content-type: image/gif
accept-ranges: bytes
content-length: 67
x-amz-id-2: a7BzKRGEcJWE0OOq+retGGXiwEr8yYKT8cCvbZjaKH77x6255WSw1/Jv/k4aZEr8Qu8TMJdH/L4=
x-cache-hits: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 4 KB
1 KB 30ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 65b285a8b78f2d5042216b6041a4175f00b87c9f58c312c0d8519fb4b7d94126

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:46 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1034

GET
H2 200 sce
eb2.3lift.com/ 37 B
140 B 45ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?inv_code=tan_CSOOnline_MOAP&rev=e340837&e=Error%20getting%20gdpr%20CMPData%3A%20There%20was%20an%20error%20in%20the%20publisher%20CMP%20API%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27stack%27)&block=auction&lvl=3&dc=%7B%7D&cb=26058
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 auction Show response
tlx.3lift.com/web/ Frame A4CF 53 B
235 B 74ms
11ms Script
application/javascript 3.64.171.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/web/auction?inv_code=tan_CSOOnline_MOAP&referrer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&rev=e340837&fe=0&ft=0&cb=6761870472&gdpr=undefined

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e340837f583a50cea3f0e330583c33f5d73e2405/dist/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.171.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

fe3dc54b21621c3d634532c491e1749812caf405ec84b6d0329696147ef10492

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/article/3698512/clop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: application/javascript; charset=utf-8
pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 53
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 11ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=tan_CSOOnline_MOAP&aid=13658066070249215518420&rev=e340837&domain=www.csoonline.com&ref=https%253A%252F%252Fwww.csoonline.com%252Farticle%252F3698512%252Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&pr=un&rr=not_loaded&cb=53927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
254 B 44ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&ct=4
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 06 Jun 2023 02:10:46 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 50ms
49ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 02:10:46 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
821 B 9ms
9ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jun 2023 02:10:46 GMT
AN-X-Request-Uuid: 163e8e09-f9c0-46e3-9657-8a5b410f1f88
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.csoonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 217ms
72ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10778&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&p_screen_res=1600x1200&site_id=120794&zone_id=1276934&kw=rp.fastlane&tk_flint=index&rand=0.7627220169046238&gdpr=1&gdpr_consent=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 61014ec2dbabaf7f5934160101f526ac7a8aa5aac61fe6a946d45a0f4369344c

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
294 B 238ms
93ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10778&size_id=8&rp_floor=0.01&rf=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&p_screen_res=1600x1200&site_id=120794&zone_id=1276934&kw=rp.fastlane&tk_flint=index&rand=0.7337195420123779&gdpr=1&gdpr_consent=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&alt_size_ids=9
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: baa3c8f0c674944a98457d52da88329fed08e06471bb5335d994e4fd95352daf

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 259
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
275 B 228ms
84ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10778&size_id=57&rp_floor=0.01&rf=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&p_screen_res=1600x1200&site_id=120794&zone_id=1276934&kw=rp.fastlane&tk_flint=index&rand=0.00645275488882624&gdpr=1&gdpr_consent=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&alt_size_ids=55
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 321b165ce9f200786fb65831f6ffc23a6c191c410d44f5ba79740cfc1fe277eb

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
502 B 189ms
45ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10778&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&p_screen_res=1600x1200&site_id=120794&zone_id=1276934&kw=rp.fastlane&tk_flint=index&rand=0.8007391721188051&gdpr=1&gdpr_consent=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b07075c86062f4f1b3d8604f15f3944b5650eeb4861bb34411a00b5bb5baf020

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
522 B 12ms
10ms XHR
application/json 3.64.171.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=csoonline_ros_300x600&lib=ix&size=300x250%2C300x600&referrer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&v=2.1.2&tmax=1000&gdpr=true&cmp_cs=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&us_privacy=1---

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.171.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
522 B 12ms
10ms XHR
application/json 3.64.171.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=csoonline_ros_970x250&lib=ix&size=970x250%2C970x90&referrer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&v=2.1.2&tmax=1000&gdpr=true&cmp_cs=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&us_privacy=1---

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.171.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
accept-ch: sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
541 B 54ms
24ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=321754
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8449d17bcc3ed69f93b94d91a0270552479cba4ea075045f026a484be28959ae

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcQ3kDUNz2aCGXtQWGJ%2BBOXG1B0mHsuKZtHaEuzdMBZKZ60QxVEt6K1dHFlcqlf%2Bek1U9aiNlbqJ%2BdyZdrEM2czTwNbVKwaP9F4uEsTrFE1p2UNqhAsX%2F9D231iACbjr8W1WKPaM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d2d1ef14f141965-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30
expires: 0

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
113 B 111ms
110ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3814&p_id=Twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 06 Jun 2023 02:10:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 7eab728a23af8f25
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 115ms
113ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o37zy&p_id=Twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 06 Jun 2023 02:10:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 804426cb191dd63f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
91 B 120ms
119ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cvw&p_id=Twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 06 Jun 2023 02:10:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 594c9ba6a0a371e9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
88 B 115ms
114ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0y&p_id=Twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 06 Jun 2023 02:10:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cceb8f8684a02e2c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
93 B 120ms
119ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o575m&p_id=Twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 06 Jun 2023 02:10:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: efa67cac8d1ed996
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 113ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o575w&p_id=Twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 06 Jun 2023 02:10:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 84f93be32b335fe5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 587cc8aea113b73ef59038376d72403d55ba57182ce22b7b4186cd6f8f5aa820
content-length: 43

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
484 B 59ms
20ms XHR
text/plain 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=321754&u=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3698512%2Fclop-ransomware-gang-exploits-the-moveit-transfer-vulnerability-to-steal-data.html&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-47728333013839.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGxBEv0N3Pa5Cb6x9%2Fj60rRyUVTsO4UvCnPxgqONlZFTlNtoAeUWqvuEl6yviBcyvgeMoFLCUY9IjPBlr2Nc3%2BLOs1Y9WMi9rhIcgbLgDLqMY%2FgHxHP%2Fzpj401jG1ec4E4PdPQ8qT0s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d2d1ef2dd573810-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 601 B
252 B 17ms
17ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 75514cd3230e28dd8208a253b01d30a8edf978a921f37948780fc5e654e3ca1b

Request headers

Referer: https://www.csoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 06 Jun 2023 02:10:47 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234

GET
H2 200 sce
eb2.3lift.com/ 37 B
139 B 13ms
12ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?inv_code=tan_CSOOnline_MOAP&aid=13658066070249215518420&rev=e340837&e=Error%20getting%20gdpr%20CMPData%3A%20There%20was%20an%20error%20in%20the%20publisher%20CMP%20API%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27stack%27)&block=auction&lvl=3&dc=%7B%7D&dup=1&cb=56571
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 481E
Redirect Chain

https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1

1 KB
2 KB

10ms
10ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e340837f583a50cea3f0e330583c33f5d73e2405/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 7f18ce97bbce9610fe493d6068086201ca833f78011bfedbb9cd47fa06218061

Request headers

Referer: https://www.csoonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1114
content-type: text/html; charset=utf-8
date: Tue, 06 Jun 2023 02:10:47 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 06 Jun 2023 02:10:47 GMT
location: /sync?max=10&gdpr=false&cb=43015&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 481E 70 B
264 B 32ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

ebda
eb2.3lift.com/ Frame 481E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D&google_tc=
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 481E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM539PYBfkB4xEpgcq-NUok&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

11ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM539PYBfkB4xEpgcq-NUok&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEM539PYBfkB4xEpgcq-NUok&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 481E
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D&google_tc=

170 B
243 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjI1MzI4MzMwNDI4NTk2OTU0NjU4NA%3D%3D&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 481E 0
647 B 171ms
112ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2253283304285969546584&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:47 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C2141414726347149C0D463CC780EB4E Ref B: FRAEDGE1207 Ref C: 2023-06-06T02:10:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9bIcMXd5dopyr0ZLycw==

GET
H2

200

xuid
eb2.3lift.com/ Frame 481E
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=2253283304285969546584&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2253283304285969546584&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=70&user_id=6563765117290612931&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=2aea1251-450d-4293-aac8-226468a7fb61&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

12ms
11ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=2aea1251-450d-4293-aac8-226468a7fb61&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: //eb2.3lift.com/xuid?mid=2409&xuid=2aea1251-450d-4293-aac8-226468a7fb61&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 481E 42 B
669 B 62ms
33ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=2253283304285969546584&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:46 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FB0262E22C24C52B7E4ED91A47687A8 Ref B: FRA31EDGE0109 Ref C: 2023-06-06T02:10:47Z
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 2253283304285969546584
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 481E 43 B
426 B 237ms
33ms Image
image/gif 2a05:d018:d29:3601:78d2:f403:256d:1a22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/triplelift/2253283304285969546584?gdpr=0&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:78d2:f403:256d:1a22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

xuid
eb2.3lift.com/ Frame 481E
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

37 B
139 B

10ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma: no-cache
Date: Tue, 06 Jun 2023 02:10:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 481E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=3259255090954900982&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

12ms
12ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=3259255090954900982&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=43015&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 06 Jun 2023 02:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Tue, 06 Jun 2023 02:10:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: af1ff9c9-fcbd-49c2-a3df-4b54384bad44
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=3259255090954900982&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 32ms
32ms Image
image/gif 52.209.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=7324b768-21cd-46aa-88e6-b106913ba2e2&ntv_fl=sx1m-i7rb_31l_AoDvFzpBxUEUS5YP4jo7iARt1b1bZAsiIrXTI1_zk9IEThoptl1v-qP7HbjR1ZuWERLLpwD5bOWweqiOqGAegWjNFvicXrj0ymHOBUm4jshLYMb1rDHfy-FFFjFJ9p07d7410OcHb3eXlsqKxA8oi5EwY_I9pUAa2wwJfQwsHS1xl1rbZomZ1Dbgsk3d54YJwNmGXmqYMApX4sd0vd3Z2y8UBe6r2Bxxz3Y0_Bkd9Gpahsigm2T8RXCfxNvvcr2hhStamcDdkg4d4gzyyIs9oploRqbJc=&ntv_ht=pJV-ZAA&ntv_at=808&ntv_a=AAAAAAAAAAYwIMA&ntv_sat=5&ord=1686017448191&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.97.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-97-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 02:10:48 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
767 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 02:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:51:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 02:10:49 GMT

GET
H2 200 CSO_Logo_Social_Media.jpg
cdn.subscribers.com/uploads/setting/modal_image/44542/ 125 KB
126 KB 19ms
19ms Image
image/jpeg 2606:4700:10::ac43:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.subscribers.com/uploads/setting/modal_image/44542/CSO_Logo_Social_Media.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2b3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e63447566912dc84f4348c82e9908103e6cb5ac56ac63d986ffb2ac5ff0534c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 02:10:49 GMT
cf-cache-status: HIT
x-amz-request-id: R9YPWR0QEVTAQRHB
age: 3752
x-amz-server-side-encryption: AES256
content-length: 128308
x-amz-id-2: jA3zXtOKAAuYIXn4KfK4glsuDqt7M+rKzyWk+SAtcjyhpGefDOeCMRxRqK3crjWmpejTNdiRN3E=
cf-bgj: h2pri
last-modified: Fri, 13 Jan 2023 17:50:25 GMT
server: cloudflare
etag: "4001e6c240f4c3ea2b08fdf1950a3b6a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d2d1f00c89590dd-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 22:48:48 GMT
x-content-type-options: nosniff
age: 530521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 22:48:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.csoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:10:14 GMT
x-content-type-options: nosniff
age: 554435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 16:10:14 GMT

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.csoonline.com/www.idge/css/webfonts	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www.idge.cso/css	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/article/3698512	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www.idgcsmb/css	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/article/3698512	1969-12-31 23:59:59	Name: idg_client_ip Value: 81.95.5.42
www.csoonline.com/www/js/jquery	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www.idge/css	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www.idge/js	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www/js/ads	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www/css	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/www/js	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
www.csoonline.com/napi	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
.3lift.com/sync	1970-01-20 14:29:53	Name: sync Value: CgoIoQEQp6zi84gxCgoI4gEQp6zi84gxCgoI5gEQp6zi84gxCgoIhwIQp6zi84gxCgkICRCnrOLziDEKCQg6EKes4vOIMQoJCAsQp6zi84gxCgoIjAIQp6zi84gxCgkIXxCnrOLziDEKCQgfEKes4vOIMQ==
www.csoonline.com/ads	1969-12-31 23:59:59	Name: fastlyCountryCode Value: DE
.csoonline.com/	1970-01-20 12:21:43	Name: aiia Value: true
www.csoonline.com/	1970-01-20 13:03:29	Name: _sp_v1_uid Value: 1:627:57b7fb14-91b5-46e3-8b83-e3b775f2dd45
www.csoonline.com/	1970-01-20 13:03:29	Name: _sp_v1_data Value: 2:591288:1686017444:0:1:0:1:0:0:_:-1
www.csoonline.com/	1970-01-20 13:03:29	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKpiIjD8QwqI3ViVFKBTHzSnNygOwSsILq2mEjoRQLAKUpDPRAAQAA
.csoonline.com/	1970-01-20 16:43:48	Name: permutive-id Value: 9df51307-ef1e-461e-b89e-f05a291f12ce
.csoonline.com/	1970-01-20 21:05:53	Name: consentUUID Value: 37438dc3-d230-461e-bd18-141aaa132d3e
.f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co/	1970-01-20 14:32:46	Name: pxid Value: df8a4322-4c0f-4234-82cf-55c350e04b4e
.postrelease.com/	1970-01-20 21:05:53	Name: opt_out Value: 1
www.csoonline.com/	1970-01-20 12:20:19	Name: inSession Value: true
www.csoonline.com/	1970-01-20 21:56:17	Name: firstSessionDate Value: Tue, 06 Jun 2023 02:10:44 GMT
www.csoonline.com/	1970-01-20 21:56:17	Name: currentSessionDate Value: Tue, 06 Jun 2023 02:10:44 GMT
www.csoonline.com/	1970-01-20 21:56:17	Name: sessionNumber Value: 1
www.csoonline.com/	1970-01-20 21:56:17	Name: lastSessionDate Value: Tue, 06 Jun 2023 02:10:44 GMT
www.csoonline.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":5415965,"placementID":787043,"lastInteraction":1686017444958,"sessionStart":1686017444958,"sessionEndDate":1686096000000,"experiment":""}
.csoonline.com/	1970-01-20 21:56:17	Name: _ga_LKE46QM5TV Value: GS1.1.1686017445.1.0.1686017445.0.0.0
.csoonline.com/	1970-01-20 21:05:53	Name: ccpaUUID Value: 57feb065-603a-4195-aa8c-a843556313d4
.csoonline.com/	1970-01-20 21:05:53	Name: dnsDisplayed Value: true
.csoonline.com/	1970-01-20 21:05:53	Name: ccpaApplies Value: false
.csoonline.com/	1970-01-20 21:05:53	Name: signedLspa Value: false
www.csoonline.com/	1970-01-20 21:05:53	Name: ntv_as_us_privacy Value: 1---
.csoonline.com/	1970-01-20 12:20:21	Name: AMP_TOKEN Value: %24NOT_FOUND
.csoonline.com/	1970-01-20 21:56:17	Name: _ga Value: GA1.2.372335443.1686017445
.csoonline.com/	1970-01-20 12:21:43	Name: _gid Value: GA1.2.177774264.1686017445
.csoonline.com/	1970-01-20 12:20:17	Name: _gat_UA-300704-9 Value: 1
.twitter.com/	1970-01-20 21:56:17	Name: personalization_id Value: "v1_qpJNgkGMKl1ydJZFSlJcSA=="
.3lift.com/	1970-01-20 14:29:53	Name: tluid Value: 2253283304285969546584
.adnxs.com/	1970-01-20 14:29:53	Name: uuid2 Value: 3259255090954900982
.bidswitch.net/	1970-01-20 21:05:53	Name: tuuid Value: 2aea1251-450d-4293-aac8-226468a7fb61
.bidswitch.net/	1970-01-20 21:05:53	Name: c Value: 1686017447
.bidswitch.net/	1970-01-20 21:05:53	Name: tuuid_lu Value: 1686017447
.bing.com/	1970-01-20 21:41:53	Name: MUID Value: 0F65C0BDAF3564900D2CD395AE99656D
.c.bing.com/	1970-01-20 12:30:22	Name: MR Value: 0
.doubleclick.net/	1970-01-20 21:41:53	Name: IDE Value: AHWqTUm9Q_eJdRKptXYfb1pOgcWl05YNUzXWL0w2b--8DOS4D65jqe8RApBU0PYrjHg
.adform.net/	1970-01-20 13:03:29	Name: C Value: 1
.linkedin.com/	1970-01-20 21:05:53	Name: bcookie Value: "v=2&0c9f970f-7f6a-40d4-8d71-ec2d9395af8e"
.linkedin.com/	1970-01-20 16:39:29	Name: li_gc Value: MTswOzE2ODYwMTc0NDc7MjswMjGDnp3OLBHN1Jit6nLgqlZ9/MaA6a9QKEMY/bAoHnSZ6Q==
.linkedin.com/	1970-01-20 12:21:43	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2938:u=1:x=1:i=1686017447:t=1686103847:v=2:sig=AQHjm-gQX0NGfCWNLTDjhmsK06jbin5J"
.adform.net/	1970-01-20 13:46:41	Name: uid Value: 6563765117290612931

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPs8KYAPs8KYAAGABCENDECgAAAAAH_AAAYgAAAOLAIMEAQAgAFIAAQAEAIQAAQhiQAgAAEFAIBQAAAECgAWVgEcoAAACAQAQgAAhBBQgQAAAAAAJCAABACwQAAACAQAAgAAAIAAEABAKACQEAAAAAJAQACAAECAAiAAAhCAgIgCCAFAAAAAKJDACAIMoACAQFAgAUApYBZwF5AMCAZGEgFAAIAESAMsAfsA_wEAANYAbQBMoDBgG3hQAgAOwBFADCASWGAAgLoDQBgBlgEAAIKAawA6oCKhAAEBdAiAKAMsAgABrADqgMjFQBABHADLAZGA3IZADAEcAMsBkY4ACAA4dAJAB8AWIAuYB1AD7ALtAZGA0QBt48AGACoARQCSyAAEAZpCAKAI4A6gC7QGRgNEIgAgAVAJiJAAQBmkoBQACAAPgCJAGEAXMA6gCKgF2gMjAbeUABAB_AIOUgDAFzANoAfYBdoDIwG3lQAgAKgAfABtASWA.YAAAAAAAAAAA&ct=4 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alt.idgesg.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api.ipify.org
api.permutive.com
api.rlcdn.com
as-sec.casalemedia.com
b1sync.zemanta.com
c.bing.com
c1.adform.net
ccpa-service.sp-prod.net
ccpa.sp-prod.net
cdn.brandmetrics.com
cdn.jwplayer.com
cdn.permutive.com
cdn.subscribers.com
clients1.google.com
cm.g.doubleclick.net
cmp.csoonline.com
cmpv2.csoonline.com
cse.google.com
d2zv5rkii46miq.cloudfront.net
eb2.3lift.com
f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
idge.staticworld.net
images.idgesg.net
images.techhive.com
jadserve.postrelease.com
js-sec.indexww.com
match.adsrvr.org
p.typekit.net
pixel.staticworld.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.google-analytics.com
s-jsonp.moatads.com
s.ntv.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
tlx.3lift.com
use.fontawesome.com
use.typekit.net
w.soundcloud.com
www.csoonline.com
www.dwin2.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
z.moatads.com
104.18.10.47
104.18.25.185
104.19.149.54
104.237.62.211
104.244.42.67
108.138.36.28
108.138.36.58
13.32.99.23
142.250.186.130
151.101.194.165
2001:4860:4802:34::36
23.21.213.43
23.32.185.123
23.32.185.42
2600:9000:20c3:c200:17:5578:e080:21
2600:9000:2156:e00:f:1dcc:7540:93a1
2600:9000:225e:b000:1:a3fa:7cc0:93a1
2602:803:c003:200::41
2606:4700:10::ac43:2b3c
2606:4700:20::681a:d12
2606:4700:e2::ac40:850f
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a02:26f0:3500:16::215:1495
2a05:d018:d29:3601:78d2:f403:256d:1a22
3.64.171.66
3.66.125.92
34.107.254.252
34.120.133.55
35.241.9.51
35.71.131.137
37.157.5.133
37.252.171.149
52.209.97.79
64.202.112.95
76.223.111.18
99.84.88.27
99.84.88.40
99.84.88.94
0185cd1b5473b45e10bc00a3ce552383f9c909ea33c5e5aff496be3f70fdd353
02d2940a00290f3a9e4955de7821626688c0cacde8c97c762838e6b40ab22926
03643efcf63e8fbfe6571cd0f1a4ce49f8575a7bee74f2e9fd7fab344e474e48
049a68941716e853aefd214e9fd02b920da3e890278b507323fe50933d3d19d7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053d5c873a012d89c7a079d097426cfddb18b28494a55c51eff89e0294540dfd
06c72ef9353a39000f14acb8c982d9241484108af590496e9594f217c6802bc2
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b2dffaf0181b05895947a7a1f9ce485cc24f2ae4e2fa6d565ed024489af2596
0b5357a29273b9ceab1faa9dfdff683789983c502fd8d59f4cb62a0815ac1f7c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0084a5075fbd8177e85f6e8d5401f016387735fd92accf20ce5d5da375befa
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dbf4106e062b56a7d4db32cb448fad76e1aad0bf204b8569091bdcb5abed21e
0f6f002861bd83ee77f252a7d0d84f00167a6ebe1392af0814aec41463edfa39
1104b2d009e0442e2c4c6c1ddf1ebd49ea3a90aaa1ab81f274f70e581113c9f6
11cee06f13221dea8fa5ddb99d54510eb7831fd51aa6f8610820c5a471af58a2
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49
178927b65afb5ad2b16ff8268ad6e840ff2d8b6dea202db85ff7ad493c5e81b4
17c26bfbfbcb9dcedb124c13cebcf3b564029348657e0454932736aece1d68b8
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b197985c0bef8bc365381bd16e15dccf184eb33d0abf0afdb4f567da2000fb2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d7b1c5add3c5528fe12f809aff8678f0793b2bca47313429d242b607651aad1
20c582bceb348344872811c400dea6c6f2f8cb7e5c547a9a41d8a072d4c5f08d
21ce85a4748bf10989839f43d9da57c3d3303584ead5261ead77732a5184c196
227c7b295dd2359a1a3db3c8458f2081704b18e41be7da8076f04262ba3bcc56
27ac94d9c50d094c3985e550dcf7f2dd940124539ebf10b33c6093649b5912ee
2aa4924d40619a50c69124b81159e9d183bf42ed9792d2bdf442ce232fc53221
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
321b165ce9f200786fb65831f6ffc23a6c191c410d44f5ba79740cfc1fe277eb
3472bf5f9320c4b1df7296ee201873128a3cc7db522928274ed50ce0427b190b
356b294ef4bca003a289221d99cabd5cc2d4a719a9beaf59842aa3d5b83253ed
3d5629a5cbadabfd67e7c99b9e71569f356ebf7fddabd5b3c24e37b49a48c605
413215e01c47f149df91c6d2281bc5288980420466333b3190d2807c1a5a6966
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
464e7cde418a559c5035942d1ab154d5d906f378f256a0dd39848d197df6180d
46f7931d40c8e0fd7a9738e54bd36430a56d511047fc85b8a2afe6f27cc06a9f
47c749c888c850505d68f2745651928d8aec9a6802d6a8b20869fa114af92277
48594162fadd244f2afa2f3f1e02795f6a04a14398ffc78779bfada998d2b7b7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c19de2a2807b21157d84619e86d71d6afbf4ecf0ee81b0facc3d0b0bfd19f5b
4c8d2ebc94fc9fbb0ce45ce5086f3c3cf15f50104ffc4b3fc027a216cf9e237e
4e6b5fc328bac95eec2e30afa8a58224c9accc6d70daf0e864d75c4c6d07fe94
4f4ed0e81c2f0016d06ae816dd872edc04e97612c9d36f2f3f4475f2954e7fcc
5156e9286b87b1e03f6151c2bb29ad54d2b9da4df874a23c742a0693bdc209a1
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
55e8d16bb1a291b0524928dd3bd20c191a14d8a947e4b141271f9c595c7bb451
5d59ba61fff4fd336c5735d54fcf8c11a090938ba68eb8ea1c573fb6ba3ac89c
5e0784f265f20230748207a0c6311051fc3feb34622c64464a47465a6623119b
5f1b5087fa315ca0fd65c68e2ef58ce1c33fee26d59cd0fce07458afa3f2fe8f
607bfd152e5c762ba0f0502f653c7bbb546ad7955e792a9840d4ae28a8219423
60e61bcf02fa91860ade858630d35c21aa624b5a421d03e06e1c3de11d5d9ecb
61014ec2dbabaf7f5934160101f526ac7a8aa5aac61fe6a946d45a0f4369344c
6467b42b646c644d356adf8dc595da52488b944fb5a0b2a7cb14aee4ad66ef19
65b285a8b78f2d5042216b6041a4175f00b87c9f58c312c0d8519fb4b7d94126
66b5ca68288cc2506f1c5709fe38cebccca428406a7ce96e392718203666d503
66ea0c6fa4034dbeae9784e34b02aeb748608ba8c2576e1b08fabd965712ad99
676aa6d4090a54ea6893484095f55c80659fb8538db100cdb8ce1dc82bab42b8
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
6ccbc734f00e46668252ae9d10341f50adabda27ba89547f1700899ed85f5338
6e5e58e4604484e2e5dfad6ce515e5e40c63ba836627d1d45fd7cac13d334f97
6e8c26c6320c978215154055c56331c307c092ab5bb1ef2d0f6571ce95ba5a31
71a9f7971618b14dc4014c55de13c36da054db21b986c50a6d112eaf9e366418
729acdb88a3ec383e54cd9a31fb68c31f2428ab5d3436d2dfb3aec59bcb98763
729d23030a2bec2d0ba2cd51eab050ebd03d4ca18cd4de8f8e008194125d3f70
75514cd3230e28dd8208a253b01d30a8edf978a921f37948780fc5e654e3ca1b
76c910bb824e43c77431224a89550f49bade4de45b824c1cfc7e94144090dc43
7b04d6ce2f17eeb96bf52a53711114a4bfef440bcb40927f77d395d549fe53d1
7bf61c7f2b1f0a79d9efed4e02525f461b5e4892ce737a07fe81f54837155fc7
7f18ce97bbce9610fe493d6068086201ca833f78011bfedbb9cd47fa06218061
83d86c9e7359ed844c0e7682abcd5cdb65222d421c61156f17791ac6c2650274
8431578ff5524fd3641c2f36972e9f9cf81aa80af0944d8842fe226de6f19b5a
8449d17bcc3ed69f93b94d91a0270552479cba4ea075045f026a484be28959ae
85984ed98244e5e42022ad4c2a0a8908f6ea41a9c43b912821b6a295cba2ea49
8982bee74ee4a24031eea6ffe2cf2a3a41b3eee01490dfb4b8a641ef69dc923f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9473af41ec87b6f7366cc37b5ade750f75871a2fb4bddeafe3464645d5ae8989
96753f997cca08f5d79ee77443fec431dc00ed61d45d8d36fd2d8584a20aa198
96b94268dcf8df15beb19f7d7ffb2617ace4f672d8aaf9f21d9ea49cdecbaae7
97a17322c28c2600d3664fac2d00475ab44467fc9ee9326cea3bba7ea5f7a1b6
9844fb443bd322af1d908116fa890abdbed6b8b6fe73fba91c9beb8408318aad
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9eb5f4aaf681528b1c83e13a0e9302e9f05132372e35dbc96c95485198028d56
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a57a9ec711144c085f1ee9dec14fd091371885b5bc338a942d92f1460c06ffd7
a5e5c781317ce492049cb1f9e1deec67c47bbe5dbd03ec12f688cf7a221a79f2
a739dbffc4a907c1f133b4b26e0daf544ea743218bba5704a910313b0ef3ac10
a95ff5717cbb58f3acad7822a2413f4fac3d5c0fa1782f877067bb68e850c823
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad20d2d42fcbd58ad9c50a6e53db21bf4425be6f8237a41f109c2717c30b4067
af34f58ea2fc346a5f7028ad8b721a9bb31405cf283471a37dab53bad10a6a36
b07075c86062f4f1b3d8604f15f3944b5650eeb4861bb34411a00b5bb5baf020
b1c7b0d1505f8ee7de88bfad7de89af2514174595bc36a2f00a016a98c3189d8
b42412a0e2fd452601f89dc9119e8dc4c563d204e6a54ba2f91e7c046f9de3a4
b52e06f854795718703ef9723b47a9a23edcbe2ae53ff261926d8d6059056cfe
b59054e128a42511aa22399d02cd8365ac1c66a6efe6f4f11cfe1ae16284db0c
b5a291b53145791eb26ce6e36a5e4d81b79a8d6f477928f9f5b72ec0b6d0f5d5
baa3c8f0c674944a98457d52da88329fed08e06471bb5335d994e4fd95352daf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdfe5b167ff906b96e1f8f028ac8f5e41af7a1892d0cc3a275d28057ba79c0a9
c2787f84ac525e6b202f56eb25ef03f40017d11100280dd6f3866cadb4d1f50c
c383325844c6616d85a4a44e0a85429ba586eecf8c807bfc06368ceb30ef09e2
c5d492c511f48abbfa3e77559fd35575dbede797bd4777d28acea42e728d569b
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf77f390ce6fd71f2edeb05e72bfacf6bfbd2dbbdc9edfd99cf87100f402185
cdf2700459ab474c9e19ccf7a3b9c6044a6cf2f2ff7bb0e1ab7bde2304409c87
cf5d92a16047c75a0d99acb04a68e4ab4ffa5c903103bc74df11e58d7a38994c
cfd65e299072d509981227de13e5b5f213375a2ee655518d6d96d316e48a1aeb
d0d5886513eda3107d1e40683961d54cac4de14f95f2656b848d1c019293c2a7
d2aae940b6d023c99cbd656bbd0868f51bcf4a93455efef42cc95d8a4c7bceca
d2d4f317dcf44ab195d049f781fd353562cf0fa08474e0c659f0fa06609d5529
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d812930726ce29dd3b9d1dae01e74e4f383a19c49526e11a484a7cc8a50ec5aa
db29aa88ea3a11062a7dc45fcc65be9b8dc3fff9c849078dd6809d35974e86ec
dc1f34948cbeccb66c1b22633753475c2b3bd39c85c3f4695afba334a7f1fc75
dcb3e51a64f948ed5302183e2a8e5ecf9e84f8e86e8cd40fc5d18485fbb2c074
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dec024651598aa96db709baa6ade41b4205cb87eeeb88a8f96aa57c3dff948fe
e09fbd583a70f558a1d941f785b393b785030c7b12dece108722fae94595cba2
e0c629f4ece53000517c7077027971a1dea36ec8c9daac30b7655bcbca84b00a
e29f8a9b134eaec2eb1c84a2e212a60e85c78cec2cf83ad26214665b3cfa1861
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63447566912dc84f4348c82e9908103e6cb5ac56ac63d986ffb2ac5ff0534c7
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ebb85dc814b0a049df31e344c469b22ac5ea21c710d617e707afe279bdbba8bf
ebd96e2407b461086d487e9bee053368f83b71783544efb9dcf53e8766b5331f
ef7755857c07a98436dce7c81f0071da4925b63aa320f6a600eafdc08d620f5f
f0b97fc49950832323730d508911fa12bd098eca0670ccb3a18ada5af3a34699
f29470a00a38e67eebce4034acc0b39bbdb2bb5cde8fa209800f3639c69a4376
f370d6bd05df8e6a5b671f06e038c4d85d95dc5446fdeb8f8762e817882a8322
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bbd3540733be952a2921b2e4716d3b5190d5897510efcf9baa09649a1eaedf
fb6b1425ff73fe62d725a3981ac08d9f57e16e14d5ae321c617e21e1d7403d1f
fbbbac05b654e9de243f6e42f41efa36522598661a05b5d84b7614d7effba3d6
fc630eae66d14c714e935e9686b763aab14adc301890a57262408ee4bd401978
fd66d8dc41c06a99c3877934b3af8d38de72f3a94db252c0b9474bec35014491
fdd0e4ceb7816d534c20254bb2e4fce09f6b0407b940487a34cae4b087f1c5ab
fe3dc54b21621c3d634532c491e1749812caf405ec84b6d0329696147ef10492
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

www.csoonline.com Open in urlscan Pro 151.101.194.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

228 Requests

96 %HTTPS

43 %IPv6

41 Domains

57 Subdomains

45 IPs

6 Countries

2311 kBTransfer

7153 kBSize

52 Cookies

24 Outgoing links

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.csoonline.com Open in urlscan Pro
151.101.194.165 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

96 %
HTTPS

43 %
IPv6

41
Domains

57
Subdomains

45
IPs

6
Countries

2311 kB
Transfer

7153 kB
Size

52
Cookies

228 HTTP transactions
0 data transactions