www.itproportal.com Open in urlscan Pro
151.101.2.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Submission: On October 26 via api (October 26th 2021, 3:24:33 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 53 HTTP transactions. The main IP is 151.101.2.114, located in United States and belongs to FASTLY, US. The main domain is www.itproportal.com.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.

This is the only time www.itproportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
9	151.101.194.114 151.101.194.114	54113 (FASTLY) (FASTLY)
11	67.27.233.124 67.27.233.124	3356 (LEVEL3) (LEVEL3)
1	104.18.4.81 104.18.4.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
5	13.32.121.122 13.32.121.122	16509 (AMAZON-02) (AMAZON-02)
2	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
2	52.222.214.40 52.222.214.40	16509 (AMAZON-02) (AMAZON-02)
2	104.18.226.52 104.18.226.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	34.254.73.0 34.254.73.0	16509 (AMAZON-02) (AMAZON-02)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	52.222.214.91 52.222.214.91	16509 (AMAZON-02) (AMAZON-02)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	18.66.97.68 18.66.97.68	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
53	21

2 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

www.itproportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.194.114 (United States)

ASN54113 (FASTLY, US)

search-api.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 67.27.233.124 (United States)

ASN3356 (LEVEL3, US)

vanilla.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mos.cms.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.4.81 (United States)

ASN13335 (CLOUDFLARENET, US)

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

freyr.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
champagne.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
slice.vanilla.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.121.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-122.fra60.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-40.fra56.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.226.52 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.73.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-73-0.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-91.fra56.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.68 (United States)

ASN16509 (AMAZON-02, US)

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.17 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	futurecdn.net search-api.fie.futurecdn.net vanilla.futurecdn.net cdn.mos.cms.futurecdn.net freyr.futurecdn.net bordeaux.futurecdn.net champagne.futurecdn.net slice.vanilla.futurecdn.net	650 KB
7	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	177 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	google.com ampcid.google.com www.google.com	907 B
2	parsely.com cdn.parsely.com p1.parsely.com	19 KB
2	onesignal.com cdn.onesignal.com	71 KB
2	dotmetrics.net uk-script.dotmetrics.net	4 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	itproportal.com www.itproportal.com	65 KB
1	skimresources.com r.skimresources.com	343 B
1	doubleclick.net stats.g.doubleclick.net	414 B
1	futurehybrid.tech sommelier.futurehybrid.tech	2 KB
1	adform.net s2.adform.net	28 KB
1	permutive.app 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	99 KB
53	14

	Domain	Requested by
10	vanilla.futurecdn.net	www.itproportal.com vanilla.futurecdn.net
9	search-api.fie.futurecdn.net	www.itproportal.com search-api.fie.futurecdn.net
5	quantcast.mgr.consensu.org	www.itproportal.com quantcast.mgr.consensu.org
3	sb.scorecardresearch.com	1 redirects
3	bordeaux.futurecdn.net	www.itproportal.com bordeaux.futurecdn.net
2	cdn.onesignal.com	www.itproportal.com cdn.onesignal.com
2	uk-script.dotmetrics.net	www.itproportal.com
2	www.google-analytics.com	www.itproportal.com
2	www.itproportal.com	www.itproportal.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.com	www.itproportal.com
1	r.skimresources.com	search-api.fie.futurecdn.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	ampcid.google.com	www.google-analytics.com
1	p1.parsely.com	www.itproportal.com
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	slice.vanilla.futurecdn.net	www.itproportal.com
1	cdn.parsely.com	www.itproportal.com
1	s2.adform.net	www.itproportal.com
1	champagne.futurecdn.net	www.itproportal.com
1	freyr.futurecdn.net	www.itproportal.com
1	6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	www.itproportal.com
1	cdn.mos.cms.futurecdn.net	www.itproportal.com
53	24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
flipboard.com
www.futureplc.com
pinterest.com
share.flipboard.com
www.knowbe4.com

Subject Issuer	Validity	Valid
www.itproportal.com R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
hawk.techradar.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.futurecdn.net DigiCert SHA2 High Assurance Server CA	`2020-06-26` - `2022-07-11`	2 years	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2021-09-20` - `2021-12-18`	3 months	crt.sh
freyr.futurecdn.net R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
bordeaux.futurecdn.net R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
champagne.futurecdn.net R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
slice.vanilla.futurecdn.net R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
sommelier.futurehybrid.tech R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Frame ID: 9E5B4919E7A81CF9840AE4B36573362B
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How social engineering contributes to successful ransomware attacks | ITProPortal

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Page Statistics

53
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

24
Subdomains

21
IPs

3
Countries

1140 kB
Transfer

4410 kB
Size

11
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/itproportal

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=itproportal

Search URL Search Domain Scan URL

URL: https://flipboard.com/@ITProPortal

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20social%20engineering%20contributes%20to%20successful%20ransomware%20attacks&url=https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/&media=https://cdn.mos.cms.futurecdn.net/7AsmexfAsz8ayBuv7MPTgR-1200-80.jpg

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?title=How%20social%20engineering%20contributes%20to%20successful%20ransomware%20attacks&url=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F

Search URL Search Domain Scan URL

URL: https://www.knowbe4.com/
Title: KnowBe4

Search URL Search Domain Scan URL

URL: http://www.futureplc.com/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.futureplc.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/
Title: Visit our corporate site

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy/
Title: Cookies policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement/
Title: Accessibility Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/ 215 KB
63 KB 40ms
22ms Document
text/html 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0998eecd201fe08afb6a0281726fb8b22f2b6ffd34f9aeb4793ce6dc7c3acc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:method: GET
:authority: www.itproportal.com
:scheme: https
:path: /features/how-social-engineering-contributes-to-successful-ransomware-attacks/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-ftr-request-id: 67baf76d-3f36-48bc-9be9-e2a8538c996c 00000000:2C70_00000000:01BB_6177DF09_2798B4B:728B
x-article-id: 7bgmvDE5rW3WXskpqd39T6
x-modified-date: 1634895019
last-modified: Tue, 26 Oct 2021 10:27:08 GMT
x-traceid: 51311cc8ecb81dbd
xkey: itproportal-platform-responsive itproportal-article-7bgmvDE5rW3WXskpqd39T6 itproportal-articletype-feature itproportal-articletemplate-standard itproportal-article-age-recent itproportal-region-GB itproportal-language-en itproportal-modifieddate-1634895019 itproportal-author-dPxJkBKWZeY6xr27hy365Y itproportal-tag-wTKdvBtG2yArDUcuHELTHo itproportal-tag-SGUxX4j5P7mhXmDCTEjMs7 itproportal-tag-jdqQ6329KFuWVmUmvZAjLZ itproportal-tag-x3D9kJTUmW33p8FsZ9VCM5 itproportal-tag-VVhhCWCJnmHo79aLKAGueY itproportal-version-353652 itproportal-server-phpfpm-6764f797c6-8tbcc
content-encoding: gzip
x-ftr-cache-status: HIT
x-ftr-expires: Thu, 28 Oct 2021 10:27:09 GMT
x-cache-control: public,max-age=172800
x-age: 1804
cache-control: max-age=300,public
x-ftr-balancer: fteproxy-185-113-25-48
x-ftr-backend: www-live-sites-varnish-new
x-ftr-backend-server: ftevarnishprod-172-20-8-37
via: 1.1 varnish, 1.1 varnish
x-resp-is-stale: true
set-cookie: FTR_Country_Code=DE; path=/; domain=www.itproportal.com FTR_Cache_Status=HIT-STALE-CLUSTER; path=/; domain=www.itproportal.com FTR_Country_Code=DE; path=/; domain=www.itproportal.com FTR_Cache_Status=HIT-CLUSTER; path=/; domain=www.itproportal.com
accept-ranges: bytes
date: Tue, 26 Oct 2021 15:24:28 GMT
age: 764
x-served-by: cache-lon4230-LON, cache-hhn4050-HHN
x-cache-hits: 1, 1
x-timer: S1635261869.876451,VS0,VE16
vary: Accept-Encoding
x-country-code: GB
x-country-code-real: DE
strict-transport-security: max-age=300
x-cache: HIT-CLUSTER
content-length: 63723

GET
H2 200 seasonal.min.css
search-api.fie.futurecdn.net/css/browser/16.10.41-48674933ab1d1b25bc483a26f4c94a56d797ab82/ 169 B
686 B 29ms
8ms Stylesheet
text/css 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/css/browser/16.10.41-48674933ab1d1b25bc483a26f4c94a56d797ab82/seasonal.min.css

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5631e10a4be13df041ca658c41ceea84c8524acc19cc7fb6aa9b1bb310a8900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 86593
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 105
via: 1.1 varnish, 1.1 varnish
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: MISS, HIT
x-ftr-request-id: 00000000:D6AA_00000000:01BB_6176CBD8_A08CA8:7560
last-modified: Mon, 25 Oct 2021 14:07:51 GMT
x-timer: S1635261869.943344,VS0,VE0
etag: "6176ba37-a9"
x-served-by: cache-lon11663-LON, cache-fra19136-FRA
strict-transport-security: max-age=31557600
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=604800, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
x-ftr-expires: Mon, 01 Nov 2021 15:21:15 GMT
x-cache-hits: 0, 911

GET
H2 200 itproportal.min.css
search-api.fie.futurecdn.net/css/browser/ 5 KB
2 KB 30ms
8ms Stylesheet
text/css 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/css/browser/itproportal.min.css

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45bfbb911f9e942a8365c9783d498cb2251e2919b2738afd636fd3cf654312fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 766
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1837
x-ftr-expires: Tue, 26 Oct 2021 12:56:26 GMT
x-ftr-balancer: hawkproxyprodblue
x-cache: MISS, HIT
x-ftr-request-id: 00000000:63B8_00000000:01BB_6177F680_D247D9:2990
last-modified: Mon, 25 Oct 2021 14:07:51 GMT
x-timer: S1635261869.943349,VS0,VE1
etag: "6176ba37-1443"
x-served-by: cache-lon4269-LON, cache-fra19136-FRA
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0, 1

GET
H/1.1 200
OK OpenSans-Light.woff2
vanilla.futurecdn.net/itproportal/353652/media/fonts/ 10 KB
11 KB 173ms
12ms Font
font/woff2 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/fonts/OpenSans-Light.woff2
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 6ed0702c109875dca01cfa51b44aa5c9da3f51892f8e9ba54e523d772ca20afb

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20444
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 10134
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:7294_00000000:0050_6177CDCE_16245B:6F8E
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:44:13 GMT

GET
H/1.1 200
OK OpenSans.woff2
vanilla.futurecdn.net/itproportal/353652/media/fonts/ 10 KB
11 KB 171ms
9ms Font
font/woff2 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/fonts/OpenSans.woff2
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 12b9d92963b594157b22adeebfbcf463b80c5d504f0fefe3bee1533e20a996c9

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20444
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 10191
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:7240_00000000:0050_6177CDD0_BF4E6:0BAA
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: font/woff2
access-control-allow-origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:43:45 GMT

GET
H/1.1 200
OK OpenSans-Semibold.woff2
vanilla.futurecdn.net/itproportal/353652/media/fonts/ 10 KB
11 KB 172ms
11ms Font
font/woff2 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/fonts/OpenSans-Semibold.woff2
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20444
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 10363
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:D0BF_00000000:0050_6177CDD0_235758:6F8F
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:44:13 GMT

GET
H/1.1 200
OK OpenSans-Bold.woff2
vanilla.futurecdn.net/itproportal/353652/media/fonts/ 10 KB
11 KB 1307ms
1146ms Font
font/woff2 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/fonts/OpenSans-Bold.woff2
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:44 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20446
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 10258
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:EA3B_00000000:0050_6177CDD0_11E6FE:6F8D
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:43:45 GMT

GET
H/1.1 200
OK itproportal.woff
vanilla.futurecdn.net/itproportal/353652/media/fonts/ 7 KB
8 KB 172ms
10ms Font
font/woff 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/fonts/itproportal.woff
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: ddd2f19a4405cb9fc2a2c162bf6fb29adf87971f34c645bf9bce21d75e7cc332

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20444
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 7651
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:D22B_00000000:0050_6177CDD0_235759:6F8F
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:44:13 GMT

GET
H/1.1 200
OK itproportal.min.css
vanilla.futurecdn.net/itproportal/353652/media/css/ 356 KB
50 KB 171ms
10ms Stylesheet
text/css 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/css/itproportal.min.css
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 74d02e242c9f324ae499a0c4a12426c4f9fed24ad498c99b88e0988de44c39f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20444
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 50456
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:D6B6_00000000:0050_6177CDD0_36940A:0BAD
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:44:13 GMT

GET
H/1.1 200
OK main.067ec1904b1e0eedfe85.bundle.js Show response
vanilla.futurecdn.net/itproportal/353652/media/shared/js/ 416 KB
107 KB 171ms
10ms Script
application/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/353652/media/shared/js/main.067ec1904b1e0eedfe85.bundle.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 03a62d4eccc883eed4db7239e40ed83cde5db4322e69cffd3b23aea3d2eeed16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 20444
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 108568
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:CD77_00000000:0050_6177CDD1_23575D:6F8F
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Thu, 25 Nov 2021 09:44:13 GMT

GET
H/1.1 200
OK missing-image.svg
vanilla.futurecdn.net/itproportal/media/img/ 2 KB
2 KB 18ms
18ms Image
image/svg+xml 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vanilla.futurecdn.net/itproportal/media/img/missing-image.svg
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: c333253d35d9ea22c91a797c5ad5a77e17ee1575465e284ae2503cb345d5c5c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 17:02:49 GMT
Content-Encoding: gzip
X-CS-Bucket: vanilla-assets-prod
Age: 1117300
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 1033
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:74D1_00000000:0050_61671132_A2BAB5:3A19
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Fri, 12 Nov 2021 17:06:00 GMT

GET
H/1.1 200
OK 7AsmexfAsz8ayBuv7MPTgR-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 16 KB
16 KB 64ms
8ms Image
image/webp 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/7AsmexfAsz8ayBuv7MPTgR-970-80.jpg.webp
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 54966e8d0d1b272dbf123c85703accaa4dfaea5775b59b7803bab6726d8f4d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 06:12:44 GMT
X-Backend: default
Age: 551504
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 16216
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:D895_00000000:0050_616FB359_8F3C1:36C5
Server: nginx/1.19.0
ETag: ad2cce63812770654b9d315992a2c77d
X-Served-By: kodiak-varnish-7cf5d4cc4d-2gh8v
Content-Type: image/webp
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Tue, 21 Dec 2021 09:46:16 GMT

GET
H2 200 responsive.js Show response
search-api.fie.futurecdn.net/js/w/es6/ 370 KB
121 KB 24ms
6ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/js/w/es6/responsive.js

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

395bc5fc0b5d38a61aac4b3c27b808a0642b5836e3a2f8200d0a6be6e28d1f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 968
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: TC
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 123131
x-ftr-expires: Tue, 26 Oct 2021 14:08:17 GMT
x-ftr-balancer: hawkproxyprodred
x-cache: HIT, HIT
x-ftr-request-id: 00000000:46FA_00000000:01BB_61780721_1A0F143:20A3
last-modified: Mon, 25 Oct 2021 14:07:51 GMT
x-timer: S1635261869.942981,VS0,VE0
etag: "6176ba37-5c7dc"
x-served-by: cache-lon4254-LON, cache-fra19141-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 5

GET
H2 200 6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js Show response
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 355 KB
99 KB 81ms
39ms Script
application/javascript 104.18.4.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f349e14e4f2a1ba0bdeb35406e97496a0c83c295c449f6258228a01766c8f66d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 6093eccf-6734-4877-ac8b-83d6d0e27b46
age: 1650
x-guploader-uploadid: ADPycdtAHSmFBplFfEjj5hj7NqGs6JGVa4qtyEfnHBLL_93UqFj5iCvOLFlhZAeZM_kjoMvU4ZigMbyalCMPcOF7hExK86tEeQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Mon, 25 Oct 2021 17:55:21 GMT
server: cloudflare
etag: W/"1e4d478764d4d39a4d812be6c818682f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=SqvrGQ==, md5=Hk1Hh2TU05pNgSvmyBhoLw==
x-goog-generation: 1635184521913728
cache-control: public, max-age=300
x-goog-stored-content-length: 104148
cf-ray: 6a44b11918de4113-PRG
expires: Tue, 26 Oct 2021 15:29:28 GMT

GET
H2 200 freyr.js Show response
freyr.futurecdn.net/ 63 KB
14 KB 39ms
11ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://freyr.futurecdn.net/freyr.js

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

a46b40604c0d9cafbf2450e46e3f78c7fd86706c97daacae735f2948106a089c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 08:55:58 GMT
server: nginx/1.19.0
etag: W/"612f401e-faa7"
strict-transport-security: max-age=15724800; includeSubDomains
freyr-version: 1.5.0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1929
accept-ranges: bytes
content-length: 14027
x-hw: 1635261868.cds151.fr8.hn,1635261868.cds144.fr8.c

GET
H/1.1 200
OK itproportal.png
vanilla.futurecdn.net/itproportal/media/img/ 9 KB
10 KB 136ms
8ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vanilla.futurecdn.net/itproportal/media/img/itproportal.png
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: e5993a2b8fe9b3b0f0f7fa4966981fa47fdb502fe5b52b62ec30c5c8e3ff27fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 02:25:45 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 478724
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 9568
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:AFB0_00000000:0050_6170CFA9_E0C3:0BAD
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Sat, 20 Nov 2021 02:33:25 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.itproportal.com/ 5 KB
2 KB 42ms
17ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.itproportal.com/choice.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 380fcdd5237392456a1aa9001a8f3fdb93923623aa21929d6b0167d96ca842eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: br
last-modified: Tue, 14 Sep 2021 10:53:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"eed624f247f0843ea435eed3e71c6cd0"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: gCczMXw--jB2rboQ9VBriluOGxLJ8C8rUY3-UgFuzMvg3W7pFiAugQ==

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 325 KB
91 KB 43ms
12ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

92fc98d1dfdd3c1227f6e21fadd16339530752dd04cb2f703cb06f8066c4a059

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 14:36:35 GMT
server: nginx/1.19.0
etag: W/"61717af3-514cd"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1635261868.cds124.fr8.hn,1635261868.cds215.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1265
accept-ranges: bytes
bordeaux-version: 4.9.1
content-length: 92633

GET
H2 200 champagne.js Show response
champagne.futurecdn.net/ 44 KB
15 KB 39ms
7ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://champagne.futurecdn.net/champagne.js

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

340e376ec838d075cdda235ec9f88e1e5a3625556e7b345d936aa2acf0486f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 14:45:36 GMT
server: nginx/1.19.0
champagne-version: 1.2.7
etag: W/"61547c10-ae48"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1635261868.cds147.fr8.hn,1635261868.cds131.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=69
accept-ranges: bytes
content-length: 14990

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
15ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 5034
date: Tue, 26 Oct 2021 14:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 16:00:34 GMT

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 7 KB
3 KB 75ms
38ms Script
application/javascript 52.222.214.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?d=www.itproportal.com&t=itpp
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-40.fra56.r.cloudfront.net
Software: Kestrel /
Resource Hash: bb225d33a884e3ef1e220226292ff664d13325267668331eb1398c022b0d3d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA56-P3
etag: ".www.itproportal.com.itpp.184.2021102615"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: 9UUHSk4NHAPnb-WfqGU7OgRdf7yr5p7QG5iEnQTAyndYRLgYVzXKWw==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 68ms
23ms Script
application/javascript 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2497
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a44b1192f824138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 29 Oct 2021 15:24:28 GMT

GET
H2 200 missing-image.svg
www.itproportal.com/media/img/ 2 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itproportal.com/media/img/missing-image.svg

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c333253d35d9ea22c91a797c5ad5a77e17ee1575465e284ae2503cb345d5c5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /media/img/missing-image.svg
pragma: no-cache
cookie: FTR_Country_Code=DE; FTR_Cache_Status=HIT-CLUSTER
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.itproportal.com
referer: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1698874
x-ftr-backend-server: ftevarnishprod-172-20-8-36
x-cache: HIT-CLUSTER
x-cache-control: max-age=2592000
x-ftr-backend: www-live-sites-varnish-new
x-age: 0
x-ftr-cache-status: MISS
content-length: 1033
x-ftr-expires: Fri, 05 Nov 2021 23:29:54 GMT
x-ftr-balancer: fteproxyblue
x-ftr-request-id: 00000000:FEB6_00000000:01BB_615E3172_305AE8A:08D0
last-modified: Wed, 06 Oct 2021 17:20:41 GMT
x-country-code-real: DE
x-timer: S1635261869.933999,VS0,VE1
etag: W/"615ddae9-932"
x-served-by: cache-lon11634-LON, cache-hhn4050-HHN
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000
access-control-allow-credentials: true
set-cookie: FTR_Country_Code=DE; path=/; domain=www.itproportal.com FTR_Cache_Status=HIT-CLUSTER; path=/; domain=www.itproportal.com
accept-ranges: bytes
access-control-allow-origin: *
x-country-code: GB
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits: 1, 1

GET
H2 200 hawklinks.js Show response
search-api.fie.futurecdn.net/hl/es6/ 168 KB
44 KB 8ms
7ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f8353fa24a07c7c98cdb23a03c3041cd53ce681a7f55f5849fced9182dd9c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.itproportal.com/
Origin: https://www.itproportal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-hawklinks
age: 1113
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 44544
x-ftr-expires: Tue, 26 Oct 2021 14:25:54 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-cache: HIT, HIT
x-ftr-request-id: 00000000:72DC_00000000:01BB_61780B41_1C72296:7998
last-modified: Mon, 25 Oct 2021 09:20:23 GMT
x-timer: S1635261869.955070,VS0,VE0
etag: "617676d7-29ec7"
x-served-by: cache-lon4274-LON, cache-fra19141-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 79 KB
28 KB 63ms
22ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:28 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:01 GMT
server: nginx
etag: W/"613888ed-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 p.js Show response
cdn.parsely.com/keys/itproportal.com/ 50 KB
19 KB 36ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/itproportal.com/p.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f99f1f04cc2807f78385bed08e5f28fef484659ee17ab2df006a90c25efe211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Tue, 26 Oct 2021 05:58:13 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 16:58:25 GMT
server: nginx
age: 33975
etag: W/"602bf9b1-c8b9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2Usk1KQd0LQGIo66ioFX11MJhsa3onaJJPp1FLdAaN1VgucvT0BRqA==
expires: Wed, 27 Oct 2021 05:58:13 GMT

GET
H2 200 react.js Show response
slice.vanilla.futurecdn.net/1-0-2// 128 KB
42 KB 37ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://slice.vanilla.futurecdn.net/1-0-2//react.js
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: aa33ff28df27cb82f3db3f7e5b9f726796099b323565ef93a867a2b4b440154f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 00000000000000001369f3e403b8d308
x-ftr-backend-server: http.van-prod
date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 15:00:34 GMT
cache-control: public, max-age=2592000
etag: W/"1fe35-17ca8849650"
x-hw: 1635261869.cds136.fr8.hn,1635261869.cds006.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-ftr-request-id: 00000000:2E32_00000000:0050_6172E387_EA56F1:7C23
x-ftr-backend: van-prod-slice
accept-ranges: bytes
content-length: 42348
x-ftr-balancer: fteproxyred

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/34/ 179 KB
44 KB 10ms
9ms Script
text/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2.js?referer=www.itproportal.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.itproportal.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: br
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:09:04 GMT
server: AmazonS3
etag: W/"9deb1d626be8c031919272577f54eb7e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-id: aKrlsdId6lTc-RqEHHf6vL_speAlbtQiCOVzh5RFyz8cN8Mct5W1aA==

GET
H2 200 config Show response
sommelier.futurehybrid.tech/ 8 KB
2 KB 115ms
33ms Fetch
application/json 34.254.73.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config?r=442&tpl=article&l=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F&vf=responsive-desktop-article&vl=responsive-desktop-article

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.254.73.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-73-0.eu-west-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

653bd703359c4ed0ae3068cc6b57bd9605ee9af55b8b24e8e523bc1b06e27d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 26ms
25ms Script
application/javascript 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2345
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a44b11a09614138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 29 Oct 2021 15:24:29 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 453ms
109ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1635261869126&plid=31127250&idsite=itproportal.com&url=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F&sref=&sts=1635261869123&slts=0&title=How+social+engineering+contributes+to+successful+ransomware+attacks+%7C+ITProPortal&date=Tue+Oct+26+2021+15%3A24%3A29+GMT%2B0000+(GMT)&action=pageview&pvid=82595282&u=pid%3Db68ee6a361e718f3a27673dd54e8475e
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 15:24:29 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 26-Oct-2021 15:24:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
435 B 36ms
14ms XHR
application/json 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itproportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.itproportal.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK 2ba3291d-65a5-42d4-8124-ac2ecb386937
https://www.itproportal.com/ 162 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.itproportal.com/2ba3291d-65a5-42d4-8124-ac2ecb386937
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3daa06c10fbb4a0defc45994b14c3c1e53f4fe4214307b5ddfd806d74a6ca884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 165813

GET
H2 200 translations.php Show response
search-api.fie.futurecdn.net/ 31 KB
11 KB 6ms
6ms Fetch
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/translations.php?language=en-DE

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d46a0413fb94b81e5a62e5a8391c6c46aadb0073286bd511992cb375f58887cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-hawk-country
age: 982
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 10493
x-ftr-expires: Tue, 26 Oct 2021 15:28:07 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:2EE0_00000000:01BB_617819D7_1A9C265:7561
x-timer: S1635261869.231405,VS0,VE0
x-served-by: cache-lon11631-LON, cache-fra19141-FRA
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 1, 4

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 38ms
9ms XHR
application/json 52.222.214.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2.js?referer=www.itproportal.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.itproportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 03:00:36 GMT
content-encoding: br
age: 44634
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 19:52:30 GMT
server: AmazonS3
etag: W/"ce2e4fb9fc40c4c0ec7bab6578115f67"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: Yiey4KudmKN67Y4sDLFJsLRxwfDFqUt8
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-P3
content-type: application/json
x-amz-cf-id: bdTLMFe9lgwNJQRh62TsQMk24iEvOUc-xcyaJomVSrbyYprtCpQB6A==

GET
H/1.1 200
OK cls-reporting.e4e1afc24d29714b10c7.chunk.js Show response
vanilla.futurecdn.net/itproportal/media/shared/js/ 3 KB
2 KB 7ms
7ms Script
application/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://vanilla.futurecdn.net/itproportal/media/shared/js/cls-reporting.e4e1afc24d29714b10c7.chunk.js
Requested by: Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itproportal/353652/media/shared/js/main.067ec1904b1e0eedfe85.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 0867c870b10c4e6670673239a2d3c332912ad7fd41874470c6398d69d37f8acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 09:56:49 GMT
Content-Encoding: gzip
X-CS-Bucket: vanilla-assets-prod
Age: 970060
X-FTR-Backend-Server: http.van-prod
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Content-Length: 1713
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:C9F3_00000000:0050_6169505D_78B17:6BD7
Server: Footprint Distributor V6.1.1162
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
access-control-allow-origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Smartersafe-Version
Expires: Sun, 14 Nov 2021 09:56:49 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
414 B 69ms
22ms XHR
text/plain 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-460866-1&cid=268172349.1635261869&jid=2000729528&gjid=1037716401&_gid=938888795.1635261869&_u=YGBAgEABBAQCAE~&z=1461698362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itproportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Oct 2021 15:24:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.itproportal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
10ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=309926997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=How%20social%20engineering%20contributes%20to%20successful%20ransomware%20attacks%20%7C%20ITProPortal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAQC~&jid=2000729528&gjid=1037716401&cid=268172349.1635261869&tid=UA-460866-1&_gid=938888795.1635261869&cd57=vanilla-beta&cd40=How_social_engineering_contributes_to_successful_ransomware_attacks&cd41=Social_engineering%7CRansomware%7CEngineering%7CSocial_engineering_security%7CRansom&cd42=%20&cd45=How_social_engineering_contributes_to_successful_ransomware_attacks&cd46=social_engineering&cd47=How_social_engineering_contributes_to_successful_ransomware_attacks&cd50=6&cd51=false&cd58=social_engineering%7Cransomware%7Ccyberattack%7CSecurity&cd74=&cd13=false&cd10=EN-GB&cd1=feature&cd2=security&cd4=Tech_IT_ProPortal%2F&cd5=7bgmvDE5rW3WXskpqd39T6&cd6=%7Csocial_engineering%7Cransomware%7Ccyberattack%7Csecurity%7Cserversidehawk&cd7=javvad_malik&cd8=22-10-2021&cd27=353652&cd33=text%2Cembed%2Ctext%2Clist%2Cheading%2Ctext%2Cheading%2Ctext%2Clist%2Cheading%2Ctext%2Clist%2Ctext&cd95=feature&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG&cd128=22-10-2021&cd31=9.3&cd30=4g&z=1292935115

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 00:56:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52081
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 merchant-domains.php Show response
search-api.fie.futurecdn.net/ 328 KB
66 KB 9ms
8ms Fetch
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/merchant-domains.php?site=ITPROPORTAL

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a1f96e84efb6172405527a4c80b47548fc4d040598020d21b8b2abb59ecd1f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-hawk-country
age: 4039
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: TC
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 67624
x-ftr-expires: Tue, 26 Oct 2021 14:37:10 GMT
x-ftr-balancer: hawkproxyprodred
x-cache: HIT, HIT
x-ftr-request-id: 00000000:85C2_00000000:01BB_61780DE6_D01901:20A2
x-timer: S1635261869.329093,VS0,VE1
x-served-by: cache-lon11638-LON, cache-fra19141-FRA
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 1, 1

GET
H2 200 bordeaux-responsive-desktop-article-layout.6fa06ba371b783593d7c.js Show response
bordeaux.futurecdn.net/ 6 KB
2 KB 25ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux-responsive-desktop-article-layout.6fa06ba371b783593d7c.js

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

60e5b348aba9f333a40066809a558f9fd80a3e027e39f89c71979fd19ccf5e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 14:36:35 GMT
server: nginx/1.19.0
etag: W/"61717af3-174b"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1635261869.cds155.fr8.hn,1635261869.cds053.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=84652
accept-ranges: bytes
bordeaux-version: 4.9.1
content-length: 1306

GET
H2 200 bordeaux-responsive-desktop-article-format.6fa06ba371b783593d7c.js Show response
bordeaux.futurecdn.net/ 5 KB
2 KB 27ms
13ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux-responsive-desktop-article-format.6fa06ba371b783593d7c.js

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

11417c71f594585439633f17e5f2c02e129535bd07b495d59e9e51c451282e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 14:36:35 GMT
server: nginx/1.19.0
etag: W/"61717af3-14b1"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1635261869.cds155.fr8.hn,1635261869.cds013.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=84653
accept-ranges: bytes
bordeaux-version: 4.9.1
content-length: 1775

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 290 KB
34 KB 22ms
7ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2.js?referer=www.itproportal.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 03:00:37 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 44633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 03:00:31 GMT
server: AmazonS3
etag: W/"245785af8ba94b258aadfcb233c26a42"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 4wTw-TeUq878BVTJgF34P7fuJ9So8QEFZ8gRzGTxrURyOAl6Hvuvrg==

GET
H2 200 setup-seasonal.js Show response
search-api.fie.futurecdn.net/js/w/es6/16.10.41-48674933ab1d1b25bc483a26f4c94a56d797ab82/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/js/w/es6/16.10.41-48674933ab1d1b25bc483a26f4c94a56d797ab82/setup-seasonal.js

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2dbbc5887cf8cdae3fd00b49aec35232cecb4078bd6552bff12ec6c2c4089455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 86226
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 722
x-ftr-expires: Mon, 01 Nov 2021 15:27:22 GMT
x-ftr-balancer: hawkproxyprodblue
x-cache: MISS, HIT
x-ftr-request-id: 00000000:A4A4_00000000:01BB_6176CCDC_1521CEF:2991
last-modified: Mon, 25 Oct 2021 14:07:51 GMT
x-timer: S1635261869.403895,VS0,VE0
etag: W/"6176ba37-6fb"
x-served-by: cache-lon4270-LON, cache-fra19136-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=604800, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0, 880

GET
H2 200 / Show response
r.skimresources.com/api/ 149 B
343 B 58ms
22ms Fetch
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X1583683%22,%22domains%22:[%22itproportal.com%22,%22knowbe4.com%22],%22page%22:%22https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

54b2120eb1ceadd874080907cc4bbbaf000e50d3e6042861104c97689993dc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.itproportal.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 80ms
40ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-460866-1&cid=268172349.1635261869&jid=2000729528&_u=YGBAgEABBAQCAE~&z=290978531

Requested by

Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 15:24:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/34/ 219 KB
57 KB 8ms
8ms Script
text/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2.js?referer=www.itproportal.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e95015e979a80102c2ca35fd0d302a3d72fe378e46babe201e2219d41fab8658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:35:21 GMT
content-encoding: gzip
age: 88878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:09:08 GMT
server: AmazonS3
etag: W/"e77784835dce13809b52939bdf8047be"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: zxLhWQCy2vYV8vgdevv4vGiknATslAyA3R2xYevB5a_pYApSFoDZxQ==

GET
H2 200 hit.gif
uk-script.dotmetrics.net/ 43 B
1 KB 34ms
34ms Image
image/gif 52.222.214.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uk-script.dotmetrics.net/hit.gif?id=5204&url=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F&dom=www.itproportal.com&r=1635261869455&pvs=1&pvid=kv88p1ktdxysftivi66&c=false
Requested by: Host: www.itproportal.com
URL: https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-40.fra56.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: ahfg1we3ckik9piryPWSipn1cV8yERexUGlrF9qJ6nB1NdEL0EPFeA==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 8ms
7ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2.js?referer=www.itproportal.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc5453423408c64912bcee0b8c17daf0a1a046f1bde073600c3a106770212049

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.itproportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 03:00:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 44640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 03:00:27 GMT
server: AmazonS3
etag: W/"c70cf8156fbfeefb12258748cf539900"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: idWzjKXeRX4y-xJ2CdCjWD_JcdLuyyjB2OZED32RKSnghWvtVre7gw==

GET
H2 200 seasonal.php Show response
search-api.fie.futurecdn.net/ 72 B
688 B 13ms
13ms Fetch
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/seasonal.php?article_type=news&article_category=retail&language=en-DE&site=ITPROPORTAL&device=desktop&origin=widgets-clientside

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c6cb60c24d9bf927a1886ef4cdc29d4b5430a1f73631950b03f947195f25471c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-hawk-country
age: 4032
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 79
x-ftr-expires: Tue, 26 Oct 2021 14:37:16 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: MISS, HIT
x-ftr-request-id: 00000000:5802_00000000:01BB_61780DF7_1A675FF:7561
x-timer: S1635261869.466106,VS0,VE1
x-served-by: cache-lon11634-LON, cache-fra19141-FRA
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 0, 1

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
514 B 35ms
9ms XHR
text/html 18.66.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22uer8ZPXHG8WDU%22%2C%22domain%22%3A%22www.itproportal.com%22%2C%22publisher%22%3A%22ITProPortal%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.34%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22yWzMlEGtQWiAHkUPFQp09Q%22%2C%22clientTimestamp%22%3A1635261869497%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-5oe9l41yl966ffunp3fp%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.itproportal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 04:56:12 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
age: 37698
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 5FrWSUeVujHqo0HmF2oG_GipoDtbzHzM2WKhdLFyAiLP2JM0a6YAHw==

GET
H2 200 seasonal.js Show response
search-api.fie.futurecdn.net/js/w/es6/16.10.41-48674933ab1d1b25bc483a26f4c94a56d797ab82/ 4 KB
1 KB 7ms
6ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/js/w/es6/16.10.41-48674933ab1d1b25bc483a26f4c94a56d797ab82/seasonal.js

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6ed0cc65dcb8485fe92e978af212601cc52cff12b0d5f7fa7a248cad587f7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:29 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 86226
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1319
x-ftr-expires: Mon, 01 Nov 2021 15:27:22 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-cache: MISS, HIT
x-ftr-request-id: 00000000:6790_00000000:01BB_6176CCDB_175186E:7998
last-modified: Mon, 25 Oct 2021 14:07:51 GMT
x-timer: S1635261870.509938,VS0,VE0
etag: W/"6176ba37-11bb"
x-served-by: cache-lon4229-LON, cache-fra19136-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=604800, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0, 879

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10055482/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

9ms
8ms

Script
application/javascript

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:23:30 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 61
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: uo5vz8pGeixQWOQQq_0hNZrJI-sHwSzYRmVFlTRSSMiWrLKSXjXb_g==

Redirect headers

date: Tue, 26 Oct 2021 15:24:30 GMT
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: -jfajl2ovPULKI-1ZesLe4BQ0826hayMg7nwy623FurQ4nsgM2WPgQ==

GET
H2 200 b2
sb.scorecardresearch.com/ 64 B
331 B 15ms
15ms Image
image/gif 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=34&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1635261871002&ns_c=UTF-8&c7=https%3A%2F%2Fwww.itproportal.com%2Ffeatures%2Fhow-social-engineering-contributes-to-successful-ransomware-attacks%2F&c8=How%20social%20engineering%20contributes%20to%20successful%20ransomware%20attacks%20%7C%20ITProPortal&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itproportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:24:31 GMT
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: pOzIPMN-emRTqq7RENxXxD-YX8gyd3oXQ7UCAWdbk3Yw1o_HiseyPA==

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.itproportal.com/	1969-12-31 23:59:59	Name: FTR_Country_Code Value: DE
.www.itproportal.com/	1969-12-31 23:59:59	Name: FTR_Cache_Status Value: HIT-CLUSTER
.itproportal.com/	1970-01-19 22:14:23	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.itproportal.com/features/how-social-engineering-contributes-to-successful-ransomware-attacks/%22%2C%22sref%22:%22%22%2C%22sts%22:1635261869123%2C%22slts%22:0}
.itproportal.com/	1970-01-20 07:43:45	Name: _parsely_visitor Value: {%22id%22:%22pid=b68ee6a361e718f3a27673dd54e8475e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1635261869123}
.itproportal.com/	1970-01-19 22:14:25	Name: AMP_TOKEN Value: %24NOT_FOUND
.itproportal.com/	1970-01-20 15:45:33	Name: _ga Value: GA1.2.268172349.1635261869
.itproportal.com/	1970-01-19 22:15:48	Name: _gid Value: GA1.2.938888795.1635261869
.itproportal.com/	1970-01-19 22:14:21	Name: _gat Value: 1
uk-script.dotmetrics.net/	1970-01-19 22:24:26	Name: AWSALBCORS Value: MEf7V+b5hTo9XScC1UYWyehcgjdmz8r/JAS2jcHa+d9jo5+1CprWMCr7GfQC0clrUf5MVHkIlsVsVwkT+BPYKvxTDUfTWZVGbnvgIHE/6JKt2OL8W8Dy9m/OAT2P
.dotmetrics.net/	1970-01-20 06:59:57	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 06:59:57	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=e7e2bfe3-7347-4698-b1c1-54416c5eec8d&Created=10/26/2021 15:24:29&UserMode=0&guid=bc0de27a-fe31-4b08-b4e2-d28a499f7692&ver=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
ampcid.google.com
audit-tcfv2.quantcast.mgr.consensu.org
bordeaux.futurecdn.net
cdn.mos.cms.futurecdn.net
cdn.onesignal.com
cdn.parsely.com
champagne.futurecdn.net
freyr.futurecdn.net
p1.parsely.com
quantcast.mgr.consensu.org
r.skimresources.com
s2.adform.net
sb.scorecardresearch.com
search-api.fie.futurecdn.net
slice.vanilla.futurecdn.net
sommelier.futurehybrid.tech
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
uk-script.dotmetrics.net
vanilla.futurecdn.net
www.google-analytics.com
www.google.com
www.itproportal.com
104.18.226.52
104.18.4.81
13.32.121.122
13.32.121.17
142.250.184.206
142.250.185.228
151.101.194.114
151.101.2.114
151.139.128.11
172.217.23.110
18.66.100.58
18.66.97.68
34.254.73.0
35.190.59.101
37.157.6.235
52.205.167.202
52.222.214.40
52.222.214.91
66.102.1.154
67.27.233.124
03a62d4eccc883eed4db7239e40ed83cde5db4322e69cffd3b23aea3d2eeed16
0867c870b10c4e6670673239a2d3c332912ad7fd41874470c6398d69d37f8acf
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
11417c71f594585439633f17e5f2c02e129535bd07b495d59e9e51c451282e56
12b9d92963b594157b22adeebfbcf463b80c5d504f0fefe3bee1533e20a996c9
1f8353fa24a07c7c98cdb23a03c3041cd53ce681a7f55f5849fced9182dd9c7e
2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dbbc5887cf8cdae3fd00b49aec35232cecb4078bd6552bff12ec6c2c4089455
340e376ec838d075cdda235ec9f88e1e5a3625556e7b345d936aa2acf0486f07
380fcdd5237392456a1aa9001a8f3fdb93923623aa21929d6b0167d96ca842eb
395bc5fc0b5d38a61aac4b3c27b808a0642b5836e3a2f8200d0a6be6e28d1f20
3daa06c10fbb4a0defc45994b14c3c1e53f4fe4214307b5ddfd806d74a6ca884
45bfbb911f9e942a8365c9783d498cb2251e2919b2738afd636fd3cf654312fb
54966e8d0d1b272dbf123c85703accaa4dfaea5775b59b7803bab6726d8f4d70
54b2120eb1ceadd874080907cc4bbbaf000e50d3e6042861104c97689993dc30
5631e10a4be13df041ca658c41ceea84c8524acc19cc7fb6aa9b1bb310a8900a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60e5b348aba9f333a40066809a558f9fd80a3e027e39f89c71979fd19ccf5e06
653bd703359c4ed0ae3068cc6b57bd9605ee9af55b8b24e8e523bc1b06e27d42
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6ed0702c109875dca01cfa51b44aa5c9da3f51892f8e9ba54e523d772ca20afb
7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26
74d02e242c9f324ae499a0c4a12426c4f9fed24ad498c99b88e0988de44c39f7
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8f99f1f04cc2807f78385bed08e5f28fef484659ee17ab2df006a90c25efe211
92fc98d1dfdd3c1227f6e21fadd16339530752dd04cb2f703cb06f8066c4a059
a1f96e84efb6172405527a4c80b47548fc4d040598020d21b8b2abb59ecd1f3a
a46b40604c0d9cafbf2450e46e3f78c7fd86706c97daacae735f2948106a089c
a6ed0cc65dcb8485fe92e978af212601cc52cff12b0d5f7fa7a248cad587f7ef
aa33ff28df27cb82f3db3f7e5b9f726796099b323565ef93a867a2b4b440154f
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
bb225d33a884e3ef1e220226292ff664d13325267668331eb1398c022b0d3d7b
c333253d35d9ea22c91a797c5ad5a77e17ee1575465e284ae2503cb345d5c5c5
c6cb60c24d9bf927a1886ef4cdc29d4b5430a1f73631950b03f947195f25471c
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0998eecd201fe08afb6a0281726fb8b22f2b6ffd34f9aeb4793ce6dc7c3acc0
d46a0413fb94b81e5a62e5a8391c6c46aadb0073286bd511992cb375f58887cc
dc5453423408c64912bcee0b8c17daf0a1a046f1bde073600c3a106770212049
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd2f19a4405cb9fc2a2c162bf6fb29adf87971f34c645bf9bce21d75e7cc332
e5993a2b8fe9b3b0f0f7fa4966981fa47fdb502fe5b52b62ec30c5c8e3ff27fb
e95015e979a80102c2ca35fd0d302a3d72fe378e46babe201e2219d41fab8658
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f349e14e4f2a1ba0bdeb35406e97496a0c83c295c449f6258228a01766c8f66d
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.itproportal.com Open in urlscan Pro 151.101.2.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

0 %IPv6

14 Domains

24 Subdomains

21 IPs

3 Countries

1140 kBTransfer

4410 kBSize

11 Cookies

15 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itproportal.com Open in urlscan Pro
151.101.2.114 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

24
Subdomains

21
IPs

3
Countries

1140 kB
Transfer

4410 kB
Size

11
Cookies

53 HTTP transactions
0 data transactions