urlscan.io logo urlscan.io
SecurityTrails logo

www.itpro.com Open in urlscan Pro
151.101.2.114  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Submission: On February 28 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 19 domains to perform 111 HTTP transactions. The main IP is 151.101.2.114, located in United States and belongs to FASTLY, US. The main domain is www.itpro.com. The Cisco Umbrella rank of the primary domain is 950481.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.
This is the only time www.itpro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 151.101.2.114 54113 (FASTLY)
28 2600:9000:249... 16509 (AMAZON-02)
11 2600:9000:223... 16509 (AMAZON-02)
13 99.86.4.40 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:235... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:235... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 18.66.192.6 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.161.77.50 16509 (AMAZON-02)
1 18.66.97.115 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.72.109.162 16509 (AMAZON-02)
1 34.242.252.89 16509 (AMAZON-02)
1 54.155.18.159 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:266... 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
1 3 18.245.60.107 16509 (AMAZON-02)
111 30
15    151.101.2.114 (United States)

ASN54113 (FASTLY, US)
www.itpro.com
slice.vanilla.futurecdn.net
search-api.fie.futurecdn.net
28    2600:9000:2490:5600:6:4010:e280:93a1 (United States)

ASN16509 (AMAZON-02, US)
vanilla.futurecdn.net
11    2600:9000:223c:7800:1b:ce45:6040:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.mos.cms.futurecdn.net
13    99.86.4.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-40.fra6.r.cloudfront.net
cdn.privacy-mgmt.com
1    2600:9000:2057:e800:5:a6be:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bordeaux.futurecdn.net
1    2600:9000:235a:8a00:15:a2ae:35c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
champagne.futurecdn.net
7    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
1    2600:9000:2359:da00:19:ee95:9600:93a1 (United States)

ASN16509 (AMAZON-02, US)
freyr.futurecdn.net
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    18.66.192.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-6.muc50.r.cloudfront.net
uk-script.dotmetrics.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net
cdn.parsely.com
1    18.66.97.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-115.fra56.r.cloudfront.net
mos.fie.futurecdn.net
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2600:9000:2057:ca00:12:b587:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.servebom.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    54.72.109.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-109-162.eu-west-1.compute.amazonaws.com
eventsproxy.gargantuan.futureplc.com
1    34.242.252.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-252-89.eu-west-1.compute.amazonaws.com
sommelier.futurehybrid.tech
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:225e:9c00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    2600:9000:225e:6000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2600:9000:266e:a00:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rm-script.dotmetrics.net
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    18.245.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net
sb.scorecardresearch.com
Apex Domain
Subdomains		 Transfer
57 futurecdn.net
vanilla.futurecdn.net — Cisco Umbrella Rank: 17957
cdn.mos.cms.futurecdn.net — Cisco Umbrella Rank: 14334
slice.vanilla.futurecdn.net — Cisco Umbrella Rank: 19530
search-api.fie.futurecdn.net — Cisco Umbrella Rank: 19005
bordeaux.futurecdn.net — Cisco Umbrella Rank: 18852
champagne.futurecdn.net — Cisco Umbrella Rank: 22067
freyr.futurecdn.net — Cisco Umbrella Rank: 20081
mos.fie.futurecdn.net — Cisco Umbrella Rank: 26955
2 MB
13 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 3813
182 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
4 google.de
ampcid.google.de — Cisco Umbrella Rank: 85897
www.google.de — Cisco Umbrella Rank: 6553
945 B
4 google.com
ampcid.google.com — Cisco Umbrella Rank: 3082
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2663
1 KB
4 dotmetrics.net
uk-script.dotmetrics.net — Cisco Umbrella Rank: 5454
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6645
7 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
429 B
2 futureplc.com
eventsproxy.gargantuan.futureplc.com — Cisco Umbrella Rank: 18720
602 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3122
p1.parsely.com — Cisco Umbrella Rank: 2355
24 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
172 KB
1 skimresources.com
r.skimresources.com — Cisco Umbrella Rank: 4510
363 B
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 4522
45 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2905
9 KB
1 futurehybrid.tech
sommelier.futurehybrid.tech — Cisco Umbrella Rank: 19571
3 KB
1 servebom.com
ads.servebom.com — Cisco Umbrella Rank: 20398
495 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
5 KB
1 permutive.app
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 21293
244 KB
1 itpro.com
www.itpro.com — Cisco Umbrella Rank: 950481
150 KB
111 19
Domain Requested by
28 vanilla.futurecdn.net www.itpro.com
vanilla.futurecdn.net
13 cdn.privacy-mgmt.com www.itpro.com
cdn.privacy-mgmt.com
11 cdn.mos.cms.futurecdn.net www.itpro.com
slice.vanilla.futurecdn.net
10 search-api.fie.futurecdn.net www.itpro.com
search-api.fie.futurecdn.net
7 www.google-analytics.com www.itpro.com
www.google-analytics.com
4 slice.vanilla.futurecdn.net www.itpro.com
3 sb.scorecardresearch.com 1 redirects
3 www.google.de www.itpro.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 uk-script.dotmetrics.net www.itpro.com
uk-script.dotmetrics.net
2 www.google.com www.itpro.com
2 eventsproxy.gargantuan.futureplc.com freyr.futurecdn.net
2 www.googletagmanager.com www.itpro.com
www.googletagmanager.com
1 r.skimresources.com search-api.fie.futurecdn.net
1 rm-script.dotmetrics.net www.itpro.com
1 region1.analytics.google.com www.googletagmanager.com
1 content.jwplatform.com vanilla.futurecdn.net
1 cdn.jwplayer.com vanilla.futurecdn.net
1 p1.parsely.com www.itpro.com
1 sommelier.futurehybrid.tech bordeaux.futurecdn.net
1 ampcid.google.de www.google-analytics.com
1 ads.servebom.com bordeaux.futurecdn.net
1 ampcid.google.com www.google-analytics.com
1 mos.fie.futurecdn.net www.itpro.com
1 cdn.parsely.com www.itpro.com
1 cdnjs.cloudflare.com www.itpro.com
1 freyr.futurecdn.net www.itpro.com
1 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app www.itpro.com
1 champagne.futurecdn.net www.itpro.com
1 bordeaux.futurecdn.net www.itpro.com
1 www.itpro.com
111 31
Subject Issuer Validity Valid
www.itpro.co.uk
R3		 2024-01-18 -
2024-04-17		 3 months crt.sh
vanilla.futurecdn.net
Amazon RSA 2048 M02		 2023-11-02 -
2024-11-30		 a year crt.sh
cdn.mos.cms.futurecdn.net
Amazon RSA 2048 M02		 2023-11-02 -
2024-11-30		 a year crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
slice.vanilla.futurecdn.net
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
hawk.techradar.com
R3		 2024-02-15 -
2024-05-15		 3 months crt.sh
*.futurecdn.net
Amazon RSA 2048 M02		 2023-09-08 -
2024-10-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
mos.fie.futurecdn.net
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.servebom.com
Amazon RSA 2048 M02		 2023-10-19 -
2024-11-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
eventsproxy.gargantuan.futureplc.com
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
sommelier.futurehybrid.tech
R3		 2024-01-28 -
2024-04-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.skimresources.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-11-07		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Frame ID: 636391A71FC10D6C1C7397E14D3058D1
Requests: 104 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
Frame ID: DDA333697297E3304C0D062BAC5090CD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Schneider Electric confirms data was stolen in Cactus ransomware attack | ITProITProCloud ProChannel ProITPro

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

111
Requests

96 %
HTTPS

66 %
IPv6

19
Domains

31
Subdomains

30
IPs

4
Countries

2409 kB
Transfer

8895 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108
  • https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
www.itpro.com/security/ransomware/ 		888 KB
150 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae4b8295a9828b53e7b4368555af4afa4e80052e8dcecef01c80faedb5d9b439
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
159537
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
no-store,private
content-encoding
br
content-length
152456
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Wed, 28 Feb 2024 12:38:42 GMT
last-modified
Mon, 26 Feb 2024 16:19:44 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-age
0
x-article-id
8HFKPLRDvLB9iRiNBMaeQQ
x-cache
HIT-CLUSTER
x-cache-hits
30, 1
x-country-code
US
x-country-code-real
DE
x-frame-options
SAMEORIGIN
x-ftr-backend
varnish-leopard
x-ftr-backend-server
vanilla-leopard-http-cache-prod-02
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-2
x-ftr-cache-status
MISS HIT
x-ftr-request-id
0c636ae6-a31c-4c19-a1f8-0357b6a393b1 00000000000000000000FFFF9D344592:A524_00000000000000000000FFFFB9711938:01BB_65DCBA21_BCCDD9:31D934
x-modified-date
1708441209
x-served-by
cache-lon420146-LON, cache-fra-etou8220065-FRA
x-timer
S1709123923.525348,VS0,VE2
xkey
itpro-platform-responsive itpro-article-8HFKPLRDvLB9iRiNBMaeQQ itpro-articletype-news itpro-articletemplate-standard itpro-article-age-ancient itpro-region-US itpro-language-en itpro-modifieddate-1708441209 itpro-author-8JgXSag6py7ykGzogEfJTA itpro-tag-k8wXdchCNsj8arAeQtxyfy itpro-tag-nRS3q9Hbwso6TtGimTsYdB itpro-flexi-page-guid-itpro_page_layout_news itpro-curatedlist-9ityrXgfTSfprh6HG4gK9c itpro-flexi-controller-FlexiPageLayout:index itpro-flexi-site-guid-itpro_en_us itpro-flexi-layout-news itpro-flexi-route-custom_route_1666094972 itpro-version-897316 itpro-server-phpfpm-7dbd7cb6cb-k8lth itpro-hawkwidgets-16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862
OpenSans-400-Regular.woff2
vanilla.futurecdn.net/itpro/897316/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/shared/fonts/OpenSans-400-Regular.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:46:18 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
165144
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC5978:9D32_00000000000000000000FFFFB971193C:01BB_65DCA43A_D629B:13ADCA
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
8eueASQYfQkzG5J8j0xzRZqaDyNilyxmJs3rHs3qKJ2OhrNP5wY0DQ==
OpenSans-600-SemiBold.woff2
vanilla.futurecdn.net/itpro/897316/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/shared/fonts/OpenSans-600-SemiBold.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:46:18 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
165144
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC58A3:6E4A_00000000000000000000FFFFB971193B:01BB_65DCA439_ECA9D:2B42D6
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
p63GAs2WvoIDLHMWOyNiQISGbTvzFZYmuCdkZyzjAJyMeZxAbT_4fg==
7fFK6JAcpPwJ8Pn24KeHta-650-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/7fFK6JAcpPwJ8Pn24KeHta-650-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7ac18e3e4df08f18ceb091bc39373dcbbb6c39aac2d43cbc3ab856fe5a08ebdc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
255717
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulk-proxy-1
x-svc-go-version
1.20.13
etag
ffa57be472427160afe7d65715354f1c
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Thu, 25 Apr 2024 13:36:45 UTC
date
Sun, 25 Feb 2024 13:36:45 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/7fFK6JAcpPwJ8Pn24KeHta.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon1
alt-svc
h3=":443"; ma=86400
content-length
20866
x-ftr-request-id
00000000:CF6A_00000000:01BB_65DB4269_1AFE9CA:DFFD
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
gqRv9ATCkkAqB5VlKeEZZDUDTxYXcQp7hVu3toBDZ0U2xQfjq4LJBg==
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 		124 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5870b689b770de6e6a0b9b3b2fc01cef03b594d8ee627d373580235fc584874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:04:54 GMT
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 15:47:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2029
x-amz-server-side-encryption
AES256
etag
W/"c40beb72eaafc58b58d4c5bf2d96257a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
6kiLu0Kd5rwVuGMonpZB7JsiVQh6z8gza8kxja0zW-ThSUfQ6Aj_zA==
externals.js
slice.vanilla.futurecdn.net/12-8-8/js/ 		137 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/12-8-8/js/externals.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f65329a3db68a68c542fe17485430268a4f86882c6e579344e42a862d43ef2b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
167030
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
39373
x-served-by
cache-fra-etou8220123-FRA
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFF8CF84A73:A402_00000000000000000000FFFFB9711932:01BB_65DC9CDB_7653AA:6BA5C
last-modified
Mon, 26 Feb 2024 13:33:55 GMT
x-timer
S1709123923.585167,VS0,VE0
etag
W/"22508-18de59f3f42"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
2174
responsive.js
search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/ 		982 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/responsive.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
279c22eec129626a282d2b158d985fce99cadae69fc52410763ef18c04e55bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
324
x-hawk-area
DE
x-ftr-dc
uk-lon1
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
s3-futureplc-engineering-accessors, fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Wed, 28 Feb 2024 12:33:17 GMT
x-ftr-balancer
cleversafe-proxy-1, hawkproxyprodblue
x-served-by
cache-lon4258-LON, cache-fra-etou8220025-FRA
x-ftr-request-id
00000000:CC04_00000000:01BB_65DF1FAB_3C50920:037E, 00000000:344A_00000000:01BB_65DF235C_E8E841:0B36
last-modified
Mon, 26 Feb 2024 09:46:34 GMT
x-timer
S1709123923.585499,VS0,VE0
etag
"fea1912b589a2b389821d33b8878ced2"
vary
Accept-Encoding
content-type
application/javascript
x-ftr-backend-server
cs-acc-s3-futureplc-engineering-3.corp, fievarnishprodwhite
access-control-allow-origin
*
x-clv-request-id
4493f127-8928-4214-9cd7-5996ae68c321
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
262681
accept-ranges
bytes
x-clv-s3-version
2.5
x-cache-hits
10, 3
itpro-site.js
search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/itpro-site.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0f0b3dbe02fcf538c9e6485db547dea15bbc0a7b521b147988cfd4de8212f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
682
x-hawk-area
DE
x-ftr-dc
uk-lon1
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
s3-futureplc-engineering-accessors, fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Wed, 28 Feb 2024 12:26:00 GMT
x-ftr-balancer
cleversafe-proxy-1, hawk-proxy-185-113-25-40
x-served-by
cache-lon4259-LON, cache-fra-etou8220025-FRA
x-ftr-request-id
00000000:659A_00000000:01BB_65DF1F98_7478F00:0380, 00000000:7600_00000000:01BB_65DF21C3_7AFE80:337E
last-modified
Mon, 26 Feb 2024 09:46:33 GMT
x-timer
S1709123923.585691,VS0,VE4
etag
"a68fe8c926e26483bae941407ad66495"
vary
Accept-Encoding
content-type
application/javascript
x-ftr-backend-server
cs-acc-s3-futureplc-engineering-6.corp, fievarnishprodwhite
access-control-allow-origin
*
x-clv-request-id
5f5161cb-c7bd-4a8f-a024-9db99aebaa0e
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
620
accept-ranges
bytes
x-clv-s3-version
2.5
x-cache-hits
2, 1
promotion.js
search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/ 		132 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/promotion.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6dcd6fe70ce37deeb23544bc99b63f7e6217ae5dd2eb189897108439711193b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
321
x-hawk-area
DE
x-ftr-dc
uk-lon1
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
s3-futureplc-engineering-accessors, fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Wed, 28 Feb 2024 12:33:20 GMT
x-ftr-balancer
cleversafe-proxy-1, hawk-proxy-185-113-25-40
x-served-by
cache-lon4233-LON, cache-fra-etou8220025-FRA
x-ftr-request-id
00000000:1563_00000000:01BB_65DF1FA4_74790F2:0380, 00000000:6B7E_00000000:01BB_65DF235F_E7CFDD:3382
last-modified
Mon, 26 Feb 2024 09:46:34 GMT
x-timer
S1709123923.585748,VS0,VE0
etag
"26cf7b473b43b840007023ef3ba6d9eb"
vary
Accept-Encoding
content-type
application/javascript
x-ftr-backend-server
cs-acc-s3-futureplc-engineering-4.corp, fievarnishprodred
access-control-allow-origin
*
x-clv-request-id
32bf632b-91e9-405e-b92b-0a709fc42231
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
33105
accept-ranges
bytes
x-clv-s3-version
2.5
x-cache-hits
2, 6
bordeaux.js
bordeaux.futurecdn.net/ 		363 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bordeaux.futurecdn.net/bordeaux.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e800:5:a6be:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61be4a3d1642d3e30f379c00a432a7baf22a6a388b44bbd598e2027b06d202c5

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
W9uxgpnRkHgG5Wn1U5zkaH07bKM3raA6
content-encoding
br
x-amz-meta-bordeaux-version
5.27.4
date
Wed, 28 Feb 2024 12:19:17 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1192
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 28 Feb 2024 11:18:39 GMT
server
AmazonS3
etag
W/"34c78d6f6ce99a3a40e90f7ac7b5da8c"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
x-amz-cf-id
WkOY856jbFTNNn5IUc0P8Gr4brolrAx_d5oHrKitmFEvwbJstOYIqQ==
champagne.js
champagne.futurecdn.net/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://champagne.futurecdn.net/champagne.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:15:a2ae:35c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec41d1a75ebbdbecd0af85fa7d78c27ad6a1a8c304d6ea6f607a4cb04b114337
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
date
Wed, 28 Feb 2024 12:33:06 GMT
last-modified
Thu, 25 Jan 2024 15:55:23 GMT
champagne-version
latest
x-amz-cf-pop
FRA60-P9
etag
W/"65b2846b-b873"
age
336
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
f0T_vZ5TBIOIkbYxEET1tikXvDbzVKbW9q4hnuuVR0lM8DrnXAtOHg==
flexisites.min.css
vanilla.futurecdn.net/itpro/897316/media/css/ 		393 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/css/flexisites.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d672693f0778a5affcf63364f393660ff12f63372a59da57115f28ea0b4a7518
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:46:19 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
165143
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC587E:DF02_00000000000000000000FFFFB971193B:01BB_65DCA43A_ECA9F:2B42D6
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
bceT4JR7qyH3_v6cBgFyA488UmH_m4UqC43KlW_-VmoiBp-MS4KGDA==
missing-image.svg
vanilla.futurecdn.net/itpro/media/img/ 		274 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanilla.futurecdn.net/itpro/media/img/missing-image.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:51:16 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
2342846
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC577F:74B2_00000000000000000000FFFFB971193B:01BB_65BB6993_13B0F2:71D07
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
aFfcoT0rf8uffBaUkJ1Gsii9YU7MDb85MKHMBs-ogmnQrzwZ_91f5A==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 11:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3999
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Feb 2024 13:32:03 GMT
6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 		1007 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3486d15cfd4fdf0f62e3f86e7b4bb94fc9f11700539ba468f5d504ae857026f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
6093eccf-6734-4877-ac8b-83d6d0e27b46
age
0
x-guploader-uploadid
ABPtcPrNF-60dCMo-28ozbDhrIgBOJmm-WfN-ydp2PDswf8s1OQ9hJB3yBMIGds8gu4IQ4L7wR4H7ZzEPw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
249439
last-modified
Wed, 28 Feb 2024 09:58:13 GMT
server
cloudflare
etag
"42c7770cbb1bec24b8df6906357ef6ec"
vary
Accept-Encoding
x-goog-generation
1709114293044075
content-type
application/javascript
x-goog-hash
crc32c=KxjOqQ==, md5=Qsd3DLsb7CS432kGNX727A==
cache-control
public, max-age=900
x-goog-stored-content-length
249439
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85c8b9e48eae1e54-FRA
expires
Wed, 28 Feb 2024 12:53:42 GMT
freyr.js
freyr.futurecdn.net/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freyr.futurecdn.net/freyr.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:da00:19:ee95:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e1e888cfdd2f373efeda2868bed7f21323e05492b56de6b6bbc5742053009e51
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront)
date
Wed, 28 Feb 2024 12:33:06 GMT
last-modified
Wed, 21 Feb 2024 16:48:33 GMT
x-amz-cf-pop
FRA60-P10
age
336
etag
W/"65d62961-13f1e"
vary
Accept-Encoding
freyr-version
6.5.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
4Z4jp0BGd3UvZ-6h67l7_sEQsjXiiHmK-X-SFuUs_ggAJWtrUTbrVA==
gtm.js
www.googletagmanager.com/ 		266 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WWBWRXL
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9112cc2105c48e64f962c7010479d4df974a898ffd28f257ac096c9913e87464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84960
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 12:38:42 GMT
door.js
uk-script.dotmetrics.net/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.itpro.com&t=itprous
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-6.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
3604a248e307cc47c5f233964d4f509e288e01c0d84eff43f951bf0930736ef9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
MUC50-P1
etag
".www.itpro.com.itprous.256.2024022812"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
Ai-NA-PpfJB04eJYv82oWZZo7UVngItUpVRXHZn5_PKpte4pklvndA==
flexi.js
vanilla.futurecdn.net/itpro/897316/media/shared/js/ 		137 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/shared/js/flexi.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd8a155b13943be15cab366c32a8c5adfbaf2018c1ae24748e4f93189c6d6a63
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:46:23 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
165139
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5606:FA4A_00000000000000000000FFFFB971193B:01BB_65DCA43D_ECBAB:2B42D6
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
3FIZu2Yw4mmpoWD-1qTIE3ii2wS_xmgzr56AM5d6eG3MP8BSNLaWzw==
US.svg
vanilla.futurecdn.net/itpro/media/shared/img/flags/nosize/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/img/flags/nosize/US.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 06:24:49 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
2355233
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC5980:D252_00000000000000000000FFFFB971193C:01BB_65BB3931_11532A:2F3C45
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
W2lzyMI7jePoVKSqW2kL5qPSUhNVVoPh3AI55i2ShUWv-lRXhvE6XQ==
missing-image.svg
vanilla.futurecdn.net/cyclingnews/media/img/ 		274 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanilla.futurecdn.net/cyclingnews/media/img/missing-image.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 08:41:30 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
1483032
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC591F:9342_00000000000000000000FFFFB971193C:01BB_65C88838_2ACC3C:3AE345
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
KOm3pvpDXEF5cddw8YjFC_2KaZjECFn1oWEbsfIP0pvZ7fWm_Z_GqA==
iframeResizer.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.11/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.11/iframeResizer.min.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6548020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4729
last-modified
Tue, 02 Jun 2020 17:36:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed68e13-34f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iz3a7Op7fJFkzw9X36%2BMWZFlG%2F7KovMy%2BBaVA4IcHPkjDTifd0lBvR8WDrTi6%2BITPrD%2F5vlXBodgEca4SSdz54QyC%2FXLuON8RZql7%2FkgPMYyYsVNGt0E0Cj%2FkvrKOZLoa9GkcpihHYM0%2F3DMTmew%2FtFS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85c8b9e488df3678-FRA
expires
Mon, 17 Feb 2025 12:38:42 GMT
hawklinks.js
search-api.fie.futurecdn.net/hl/es6/ 		479 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db840fa1fcd67d0124424d6b19586f5bbe572305a579905ade0dda709da0d684
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
25
x-hawk-area
DE
x-ftr-dc
uk-lon1
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Mon, 26 Feb 2024 10:35:45 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon4241-LON, cache-fra-etou8220063-FRA
x-ftr-request-id
00000000:C93E_00000000:01BB_65DC64D1_1168F8D:0B37
last-modified
Mon, 26 Feb 2024 09:56:23 GMT
x-timer
S1709123923.589610,VS0,VE1
etag
W/"65dc6047-77a2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
141219
accept-ranges
bytes
x-cache-hits
6, 1
main.220983bbbc554ffd5e18.bundle.js
vanilla.futurecdn.net/itpro/897316/media/shared/js/ 		309 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e7b2db7b3cb9c9f161bad3ef097d44ba021dc2840d71bf417ec8f09a5326bfb
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:56:11 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
164551
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC5978:3BB2_00000000000000000000FFFFB971193C:01BB_65DCA68A_DB8A5:13ADCA
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
Z_VTyMkxRkJSfStQiUkmNytqE9eyuPSV81eW84HF7k_W2Yo7Xseclw==
p.js
cdn.parsely.com/keys/itpro.com/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/itpro.com/p.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-77-50.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0cb987d1f7d93fb998e06170acc195d1555a708fe10d20412223f98d0f69bb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
public
date
Wed, 28 Feb 2024 02:24:57 GMT
content-encoding
gzip
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 18:02:26 GMT
server
nginx
x-amz-cf-pop
FRA56-P10
age
37196
etag
W/"6579f1b2-10291"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
8JKHk19_v_Tz1T5xhdgTndgr4tpeeUARsihT0I-8c6RAKC15PIgtRA==
expires
Thu, 29 Feb 2024 02:18:46 GMT
OpenSans-700-Bold.woff2
vanilla.futurecdn.net/itpro/897316/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/shared/fonts/OpenSans-700-Bold.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:56:10 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
164552
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC59F7:F6AC_00000000000000000000FFFFB971193C:01BB_65DCA68A_DB88D:13ADCA
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
o6LOBcfx_JH0ECsdhF1aiDwyD7cTt8UzS8MUtPGb0eddl7ARshKbfQ==
flexisites.woff
vanilla.futurecdn.net/itpro/897316/media/fonts/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/fonts/flexisites.woff
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2c6d13081750bfcfb93cb02b49b291d1055d5ec08d4e2e7ea8205b089c0ab390
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:56:10 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
164552
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC5978:3BB2_00000000000000000000FFFFB971193C:01BB_65DCA68A_DB891:13ADCA
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
kqe0thKT2u202fKTv91ySLvLtDyxzA89Y3nT2WVJr0-8J30DXE3zOw==
OpenSans-300-Light.woff2
vanilla.futurecdn.net/itpro/897316/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/897316/media/shared/fonts/OpenSans-300-Light.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 14:56:19 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-amz-cf-pop
FRA56-P6
age
164543
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC587E:20C2_00000000000000000000FFFFB971193B:01BB_65DCA693_F2CD7:2B42D6
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
aBTNV1hVh_4w1TwSOAf7d7sdTkLndxmgt5jQrlVpG2lrzfS2A4jj6Q==
hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
mos.fie.futurecdn.net/logos/models/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mos.fie.futurecdn.net/logos/models/hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-115.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 23:15:40 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P2
age
1948983
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon1
x-ftr-realm
pip
x-ftr-backend
s3-futureplc-engineering-accessors, mos
alt-svc
h3=":443"; ma=86400
content-length
14272
x-ftr-balancer
cleversafe-proxy-2, bulk-proxy-1
x-ftr-request-id
00000000:B5EF_00000000:0050_6599DF19_DA85FAB:17F4E, 00000000:77A8_00000000:0050_6599DF16_36379B9:130FE
last-modified
Thu, 29 Oct 2020 21:40:57 GMT
server
nginx
etag
"8d6a8139d9085d797db649ca8cd161d5"
vary
Accept-Encoding
content-type
image/jpeg
x-ftr-backend-server
cs-acc-s3-futureplc-engineering-3.corp, mos05
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
2J0gyHKKRA1PpKl9aDi0gfZaS8gr01Lg4SJLhmU9uzGnl1HoaoolmA==
access-control-allow-method
GET,OPTIONS
expires
Wed, 06 Mar 2024 23:15:41 GMT
Y5vrV2V98Np6jHAGmAtCd3-300-80.jpg
cdn.mos.cms.futurecdn.net/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/Y5vrV2V98Np6jHAGmAtCd3-300-80.jpg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a65f8e01b84c50ea7bd7658e73c4da2610fc7e9feb79880952efcab08aa4bd42
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
1049331
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Tue Dec 12 10:56:29 UTC 2023
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulk-proxy-1
x-svc-go-version
1.20.12
x-svc-name
kodiak-svc
etag
995bcaf94553130e5031d13206b8987b
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Tue, 16 Apr 2024 09:09:51 UTC
date
Fri, 16 Feb 2024 09:09:51 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/Y5vrV2V98Np6jHAGmAtCd3.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon1
alt-svc
h3=":443"; ma=86400
content-length
10737
x-ftr-request-id
00000000:92D0_00000000:01BB_65800AD8_1FEE000:11529
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
-VByBYjVRYghRleTLfBwkhvlepuB1Na-eRT2xVn5m0n8x8FYfCAG2g==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
gdpr-tcf.58eb30c76e775e62c7b9.bundle.js
cdn.privacy-mgmt.com/unified/4.17.0/ 		135 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.17.0/gdpr-tcf.58eb30c76e775e62c7b9.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d13ee0d9281c140536ab058cb7009db57c2f17f8cd523386eb1d036e5e67e19f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:47:35 GMT
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 15:40:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
507068
etag
W/"b6d436e696a1017e80f6358719260553"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
zW4GUC68ortoU_J0W_jcaybzYe-7z5vwBRmVejSWFIbCWLSikcknNw==
ccpa-gpp.c870580faa7029059880.bundle.js
cdn.privacy-mgmt.com/unified/4.17.0/ 		185 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.17.0/ccpa-gpp.c870580faa7029059880.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
487b0a9ac483def66f2d2e6c7a6bc0f9e7e9ed20758ecb15f9c8996cf3c3bbb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:49:02 GMT
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 15:40:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
506981
etag
W/"19b39e7fd8b3fe782ebddcc62805ee2e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
KlnWVW_Xw84Yk1XLznSh_Kh-EQ4GUkgO_pstIqBJ_C5tMriLLixIeQ==
get_site_data
cdn.privacy-mgmt.com/mms/v2/ 		208 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&account_id=200
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
/
Resource Hash
612b3bc8173e264d163c14e0f625bba234a0f71cf8c6f85736daefdcf0bdbc3e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 00:24:10 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-32-237
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
44072
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
UrUqrKRZ2nK9DBdHYsrGzI8FKhxLCXieuHNpQInrMwiQbtRPNzjtqA==
gallery.7c3788148bd749235359.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/gallery.7c3788148bd749235359.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e64d817eb5b73d7a6ad2ad8987d769f1059469c4be84dbd70f89a997d3bbaf9
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 12:59:53 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
344329
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5798:CD50_00000000000000000000FFFFB971193B:01BB_65D9E849_370AB2:2578C5
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
a3W3P-MsfwQSiaF4FOwzYLlmvI2O8mXTkXd8Jle0LHgl5TrQP9npHg==
enlarge-images.af98e9834bf4bfaa40f3.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/enlarge-images.af98e9834bf4bfaa40f3.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6966e52c9ca5eb31aef27c8e0ec308d1204afb27efbe1a7c78878668de441bdf
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 05:55:00 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
2011422
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC578D:77B4_00000000000000000000FFFFB971193C:01BB_65C07834_592BF6:2F3C45
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
hM3S2ESvpTcWz6lqsHxmY7z6pRxDda59R9X5i5dcKVD4TmJfZTsCWg==
fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e183ea492db0784dab37656a389afae69ff897aad6566bf0d2d20c0004faa16
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 23:26:51 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
2034711
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC593B:660A_00000000000000000000FFFFB971193C:01BB_65C01D3B_56187B:2F3C45
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
u7CDqDSNRs-DeAj0-PENWvhF1JJIWlokW9zMX1O8jCC_63g5FTeN9w==
topics.71b67ce542657ad41ca9.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		813 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/topics.71b67ce542657ad41ca9.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dd58e0b1154d438c85696a4cf5cef2411789335743e9e0ed3e7581b9ecc4244c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:57:48 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
2342454
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5876:796A_00000000000000000000FFFFB971193B:01BB_65BB6B1C_13E3A4:71D07
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
rIL89Zn0S3nJ-sYGd3v_DKpxahmuDKTl_8LIOMqJJZaDxSIlnBXxZg==
embed-resize.922f91e89f6a0d76680f.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/embed-resize.922f91e89f6a0d76680f.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f7848370e6f84495aca1c3a970215a978c64261d0e2adc0c7fea745013289c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:53:45 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
2234697
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5832:768A_00000000000000000000FFFFB971193B:01BB_65BD1009_399F35:71D07
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
WxW0uWjNZxsBznLr68lLMv_uPOF8mV_2ZPONtGDGnxhQTMSb9zah0Q==
jwplayer-autopause.588d9e8943ee88f0de79.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-autopause.588d9e8943ee88f0de79.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d14e569ea07cb70b5a342c718651bf0bb729cec22fa12a6329896aef0f6b63a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 09:55:37 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
1046585
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC58BE:EA04_00000000000000000000FFFFB971193B:01BB_65CF3119_41807B:19F21C
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
mRQvPcCffpIqg-pAs8d9UwwF_cs2VAm8pQI92dHYuJ-3wCbpYKVzOQ==
jwplayer-sticky-desktop.c3d42785e91aea294b87.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.c3d42785e91aea294b87.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f8e24c384c889701a902c1e97ca487a36085c631159ece44882f8334683acb
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:38:01 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
2235641
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC578D:6DAE_00000000000000000000FFFFB971193C:01BB_65BD0C59_394EAA:2F3C45
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
BsmYfRdxC1GQe_ZW5yO-luZx7W_OIFwzjooHk-5ZZESzCezHx20J4Q==
jwplayer-sticky-mobile-editorial.b675f666cf07ef7b0b5b.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-mobile-editorial.b675f666cf07ef7b0b5b.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3e57a446cfb41aa09c338e6a7e7e6fb8501edb4901382de293b21f9adf74b9bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5903:E164_00000000000000000000FFFFB971193B:01BB_65D5EDD0_591E07:1E4CBD
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
oKbDylWpHmw_vGOPM55ROlda-FFnYkfdnR22euF1HUYoZTxQLBE26g==
jwplayer-unmute.3415becaee9b637e2e8a.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-unmute.3415becaee9b637e2e8a.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c12cfd186d2eef3f576264cb9b5c1733093b2b03b477f7ef85f4dbe9eba9f46d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC577D:F006_00000000000000000000FFFFB971193B:01BB_65D5EDCF_591E06:1E4CBD
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
PVF3FUXpUX4KV48aKx-KmIQaXfA7t2ikncudGPD_QHxe3__8_R9dMA==
jwplayer-carousel-desktop-responsive.f879462186b2930ce8ad.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.f879462186b2930ce8ad.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
168d2f75a106948c75452fb5852156cd028252db2a1169caf396c10e6d85f45a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC59F7:35D6_00000000000000000000FFFFB971193C:01BB_65D5EDCF_5816A8:68292
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
uZF1hBsPKQJKwTOI7hYGEK06W11C7qnaIEZJ6fno2WnZ8w_8Fpy3Qg==
jwplayer-carousel-mobile-responsive.ac24826aea18ada2673d.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-mobile-responsive.ac24826aea18ada2673d.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
674335d9947e05baaeb827371ace9fe4ac36dfa6822500463a3a5ec4e1caf0f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC56C3:248A_00000000000000000000FFFFB971193C:01BB_65D5EDCE_5816A9:68292
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
Vo4xKnSlNazVtOqio-jLhRBZlQZhZXTG5N7NbDYTzfK5OOYfww4FWA==
open-ahead-embeds.4c51f5668500974f7e23.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/open-ahead-embeds.4c51f5668500974f7e23.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
52d2dacf7773823b0f78d80200d2d739de5267d0cfde51b310e350076cc88c5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 01:27:55 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
2286647
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC59A5:8C72_00000000000000000000FFFFB971193B:01BB_65BC451B_2A13E3:71D07
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
OzonYyh8t38vDVOp39_oDglVOz10WVKGDkycaA-gXNlnEx7UD9S7vw==
sticky-nav-responsive.cd124eb3e5b0e71d5395.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/sticky-nav-responsive.cd124eb3e5b0e71d5395.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d29407e6f342faf3cea0d571fae3e62e05ed41c84c7e9d9d627996991e5ab646
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5903:E178_00000000000000000000FFFFB971193B:01BB_65D5EDD0_591E08:1E4CBD
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
Ywnq9_1uva_RAWYo5X5qEZAnThc8I5aLvb4rwziNt0V8usu1UUeDfQ==
table-scroll.11b2485a2e31dba6e145.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/table-scroll.11b2485a2e31dba6e145.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c91d892beb7af4b7a43d265eaf39486cf8f588e2a4fe2022751486de81ea2011
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC56C3:248C_00000000000000000000FFFFB971193C:01BB_65D5EDD0_5816AB:68292
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
clBtKJmUPFV-c8699GQhwypDSPApKXJJ8xKLdUFQJ612KI4o602e-A==
infinite-scroll.8bda83defc9997b454f3.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/infinite-scroll.8bda83defc9997b454f3.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
359d578d1c1e7bfe76a8c3eb0b041d4f14a406e29f4e06c4be0c761ce39c1627
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 14:45:16 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
1893206
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-01
x-ftr-request-id
00000000000000000000FFFF40FC584D:8DA6_00000000000000000000FFFFB971193C:01BB_65C245FC_18C13E:368462
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
4q-hVqeXjO0kRwIfqjncJsrQ9t5ofTbjnAnxY0FiMR4KQCCtogmbWw==
suggestion-box.5bdb8337be44ec4ffa71.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/suggestion-box.5bdb8337be44ec4ffa71.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8922e4a7f83b11ecc071628898f917d817b3072ff21a9de6f263095313449efc
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 12:34:24 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
605058
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC5903:E16C_00000000000000000000FFFFB971193B:01BB_65D5EDD0_591E09:1E4CBD
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
mGwLQSeqUlbl5aboLCX5_mXPxOAp5hIU0cILA05JkQ2fACyDsonicw==
nav-subscribe.13ed7770bdd1773928b1.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/nav-subscribe.13ed7770bdd1773928b1.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/897316/media/shared/js/main.220983bbbc554ffd5e18.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5600:6:4010:e280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
911f87c6719940785ed3be3ae12d86110500651a2204a60004b138044cc89982
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 15:51:41 GMT
content-encoding
gzip
x-cs-bucket
van-ass-prod
x-content-type-options
nosniff
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
age
1889221
x-amz-cf-pop
FRA56-P6
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-ftr-backend
van-prod
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ftr-balancer
web-http-proxy-prod-02
x-ftr-request-id
00000000000000000000FFFF40FC577F:9C12_00000000000000000000FFFFB971193B:01BB_65C2558A_1B33CA:E5E03
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
max-age=2592000, public
permissions-policy
interest-cohort=()
x-smartersafe-version
x-amz-cf-id
llWxcBjmbzRi8EpWJhQ6bqOwzPXpv8UXJEi1-6WjbCJ65s4dTgUpbw==
hybrid_id
ads.servebom.com/ 		43 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servebom.com/hybrid_id
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:12:b587:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8eb89aba3abc1d2cccc1f9ad9a9470da7025e9ff1a0148560ad7b4517c73a621

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
content-length
69
x-amz-cf-id
6ZU5imXmk6qeB0kUQ3GptcCuaYPl9eOpcaOejOt9v2Fhkrpo2n3kQA==
publisher:getClientId
ampcid.google.de/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
future.adtech.freyr.v1.PageViewEvent
eventsproxy.gargantuan.futureplc.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eventsproxy.gargantuan.futureplc.com/future.adtech.freyr.v1.PageViewEvent
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.72.109.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-109-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 28 Feb 2024 12:38:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
js
www.googletagmanager.com/gtag/ 		258 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWBWRXL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56efb72c0fe17bdf89eb8a247c96d3fdbdc230f5802666c929f7ebe090fb4d95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 12:38:42 GMT
future.adtech.freyr.v1.PageViewEvent
eventsproxy.gargantuan.futureplc.com/ 		512 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eventsproxy.gargantuan.futureplc.com/future.adtech.freyr.v1.PageViewEvent
Requested by
Host: freyr.futurecdn.net
URL: https://freyr.futurecdn.net/freyr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.72.109.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-109-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
39dd30475086d65e35f0e249b4bcb1f8c2b9aaaaf86b49f9cd8634b7aec1c8a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
x-svc-go-version
-
x-svc-env
prod
x-svc-name
gargantuan-proxy
vary
Origin
x-ratelimit-remaining
1883
content-type
application/json
access-control-allow-origin
*
x-ratelimit-reset
1709123923
x-ratelimit-limit
2000
x-svc-version
-
x-svc-build-time
-
wJTa4C5M48quyZBahu2DXo-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/wJTa4C5M48quyZBahu2DXo-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8224c546fc99f50137100a9b4d6869a2d6520524a2ba7c317d904dd4eb141a14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
1202357
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulkproxyprodred
x-svc-go-version
1.20.13
etag
d664421f6b15cf7c1699df850a4fbacb
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 14 Apr 2024 14:39:25 UTC
date
Wed, 14 Feb 2024 14:39:25 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/wJTa4C5M48quyZBahu2DXo.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon2
alt-svc
h3=":443"; ma=86400
content-length
95664
x-ftr-request-id
00000000:5A0C_00000000:01BB_65CCD09B_42DCBC:1081
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
5ghzlDrengx-Vf5wvFavpZgaNuZeGLQpbfZbxDe9Sy2c2uc-9bDpqA==
7fFK6JAcpPwJ8Pn24KeHta-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/7fFK6JAcpPwJ8Pn24KeHta-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8fe39ae8576615f9f35e9b2cd5e9ef421c64641f4f1fdba08f11d2a1eb811c2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
688394
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulkproxyprodred
x-svc-go-version
1.20.13
etag
ffa57be472427160afe7d65715354f1c
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 20 Apr 2024 13:25:28 UTC
date
Tue, 20 Feb 2024 13:25:28 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/7fFK6JAcpPwJ8Pn24KeHta.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon2
alt-svc
h3=":443"; ma=86400
content-length
29076
x-ftr-request-id
00000000:DA4E_00000000:01BB_65D4A844_A63129:66B0
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
VQfWhuSAELfoMoN5Dy-chfctb8-aWFJgm0wy_BgdZRgyDpY52Hzvzg==
kWyfmcKB8bFxE7pjxroB26-925-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/kWyfmcKB8bFxE7pjxroB26-925-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5043ca258dbde287cac64a2d61c41df6ad9d91aa3672aa3c1b694b68af92cb97
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
293999
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulkproxyprodred
x-svc-go-version
1.20.13
etag
5a5a933cc4a77bd4cf6b5352cf8e7916
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Thu, 25 Apr 2024 02:58:43 UTC
date
Sun, 25 Feb 2024 02:58:43 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/kWyfmcKB8bFxE7pjxroB26.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon2
alt-svc
h3=":443"; ma=86400
content-length
26024
x-ftr-request-id
00000000:C556_00000000:01BB_65DAACE1_19E19DF:66B0
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
SqJcvW4NLjfOMfXHPPF4wtAOYjgGj7Sr0ZB-c7lmve8MJQ9FaBv3Aw==
cR79xdx35hpP8v9w73TdbQ-925-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/cR79xdx35hpP8v9w73TdbQ-925-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1302a3222e1c0d2325c7b94fdb944ca20d8534b9af03b7b71e3a9842bb4d9425
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
425833
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
HIT
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulk-proxy-1
x-svc-go-version
1.20.13
etag
1b6fe00ccfe0dc34a3f80c1447993daa
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Tue, 23 Apr 2024 14:21:28 UTC
date
Fri, 23 Feb 2024 14:22:18 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/cR79xdx35hpP8v9w73TdbQ.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon1
alt-svc
h3=":443"; ma=86400
content-length
21844
x-ftr-request-id
00000000:6524_00000000:01BB_65D8AA1A_151B51D:DFFD
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
zGJ_WpJvdnpr8Ra_hpoNFnULYwBpPxSYYmOFHARXWLVMCqtbE6KZ-A==
7fFK6JAcpPwJ8Pn24KeHta-925-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/7fFK6JAcpPwJ8Pn24KeHta-925-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c9f3a89d16013a5625a8ed8ab79e85d88e859cd0c806cc7a19ef440bcc7ec745
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
689720
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulk-proxy-1
x-svc-go-version
1.20.13
etag
ffa57be472427160afe7d65715354f1c
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 20 Apr 2024 13:03:22 UTC
date
Tue, 20 Feb 2024 13:03:22 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/7fFK6JAcpPwJ8Pn24KeHta.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon1
alt-svc
h3=":443"; ma=86400
content-length
27524
x-ftr-request-id
00000000:4502_00000000:01BB_65D4A318_A50C6A:DFFD
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
NybZbalgS_Z6BSPZ5t_agRu35IwVtxAzO2srt4xH-Cw9NOvLIlLFvg==
ZwJYgYeWHbjAH7vhgezPkD-925-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/ZwJYgYeWHbjAH7vhgezPkD-925-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d4988ac5543c0b67c19b3608e5b70922afe06b63ddd9ba56b295f6bf5dceb661
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
867742
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulk-proxy-1
x-svc-go-version
1.20.13
etag
5717f4e5296628a062e6b946f1d83159
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Thu, 18 Apr 2024 11:36:20 UTC
date
Sun, 18 Feb 2024 11:36:20 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/ZwJYgYeWHbjAH7vhgezPkD.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon1
alt-svc
h3=":443"; ma=86400
content-length
23856
x-ftr-request-id
00000000:6F98_00000000:01BB_65D1EBB3_36E7A8:DFFD
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
v6p2NsxtXXTt7dHPfEgx-wZER5YCAB_xXoGdwyaIxFiDD-D2X95oDA==
/
sommelier.futurehybrid.tech/config/ 		15 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sommelier.futurehybrid.tech/config/?r=596&tpl=article&l=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&sw=1600
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.242.252.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-252-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
60a10f2834b067b8760090082163f794fa33d6e397b00495514499ee3c21e2ba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Feb 2024 12:38:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1709123922868&plid=cac83654-9acf-45ed-97cf-37d6a1fcd94b&idsite=itpro.com&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack%22%2C%22hash%22%3A1109270350%7D%7D&sid=1&surl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&sref=&sts=1709123922832&slts=0&title=Schneider+Electric+confirms+data+was+stolen+in+Cactus+ransomware+attack+%7C+ITPro&date=Wed+Feb+28+2024+13%3A38%3A42+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=92e82662-c4bc-4b52-b881-79201d9fe4ba&u=pid%3Db25f3d14-102f-413e-b7e3-87298b3c08d3
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 12:38:42 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 28-Feb-2024 12:38:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ 		299 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=200&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22ccpa%22%3A%7B%7D%7D&propertyId=30869&ch=null&scriptVersion=4.17.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
b5713c526e44ad558557e39e0d02e2bc4dfddc2e7feeaef83b7f8d11531c7907
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:23:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
928
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
299
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
PAjJlb5KnDAXdjkthgESv5yqOjuFLPHLqWw5B9fQfq2d47uo9qE74w==
collect
www.google-analytics.com/j/ 		3 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2126596551&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&ul=en-us&de=UTF-8&dt=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAQCACAAI~&jid=1705193520&gjid=2044121599&cid=1468142828.1709123923&tid=UA-1011119-1&_gid=1252261381.1709123923&_slc=1&cd57=null&cd40=Schneider_Electric&cd41=Cactus%7CRansomware%7CData%7CRansom%7CRansomware_as_a_Service&cd42=Schneider_Electric&cd43=Getty_Images%7CWalmart%7CSoftware%7CPepsiCo&cd45=Schneider_Electric&cd46=Schneider_Electric&cd47=Schneider_Electric_confirms_data_was_stolen_in_Cactus_ransomware_attack&cd50=5&cd51=false&cd58=Schneider_Electric%7CRansomware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=8HFKPLRDvLB9iRiNBMaeQQ&cd7=ross_kelly&cd99=0&cd128=20-02-2024&cd1=news&cd2=&cd3=ransomware%7Csecurity&cd6=%7Cschneider_electric%7Cserversidehawk&cd8=20-02-2024&cd27=897316&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cheading%2Ctext%2Ctext%2Ctext%2Ctext&cd53=2024-02-20T11%3A27%3A19.642Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=serversidehawk&cd31=10&cd30=4g&z=68790441
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1011119-1&cid=1468142828.1709123923&jid=1705193520&gjid=2044121599&_gid=1252261381.1709123923&_u=YGBAgEABBAQCAGAAI~&z=614158962
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Feb 2024 12:38:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
messages
cdn.privacy-mgmt.com/wrapper/v2/ 		100 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A200%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=445663914446731541ee16&scriptVersion=4.17.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
cd251f440b4debfbd8f71df5102043bb0544e7feb5f66ccadf1f67cb1403ff57
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
RsFcvJYjduMF9LZSd5B6ylu-Tka-g73HuqD7_b0GzR_sijzb2aENMg==
regionRedirectBanner.js
slice.vanilla.futurecdn.net/12-8-8/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/12-8-8/js/regionRedirectBanner.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3b5e3088d11c3b51e10f98098380c26eb1246608431f8a5617a36ceaa8e01dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
167031
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1589
x-served-by
cache-fra-etou8220123-FRA
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFF8CF84A35:5FC8_00000000000000000000FFFFB9711932:01BB_65DC9CDC_7654E5:6BA5C
last-modified
Mon, 26 Feb 2024 13:33:55 GMT
x-timer
S1709123923.923759,VS0,VE0
etag
W/"103f-18de59f3f4a"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1610
localeSelector.js
slice.vanilla.futurecdn.net/12-8-8/js/ 		171 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/12-8-8/js/localeSelector.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43398c8955efc2532896c7d5e915e3c8ee0a13e40704f310ff474bed8fcf43bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
167025
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
45586
x-served-by
cache-fra-etou8220123-FRA
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id
00000000000000000000FFFF8CF84B56:EBDE_00000000000000000000FFFFB9711938:01BB_65DC9CE1_6BCB38:31D934
last-modified
Mon, 26 Feb 2024 13:33:55 GMT
x-timer
S1709123923.923951,VS0,VE0
etag
W/"2ab64-18de59f3f4a"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1628
popularBox.js
slice.vanilla.futurecdn.net/12-8-8/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/12-8-8/js/popularBox.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76bcb58c24ce18ab42bba81850cb38e22cf310b6a25d1af8a80a4b07044b1204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
167022
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4055
x-served-by
cache-fra-etou8220123-FRA
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id
00000000000000000000FFFF8CF84B2E:91DA_00000000000000000000FFFFB9711938:01BB_65DC9CE4_6BD4B2:31D934
last-modified
Mon, 26 Feb 2024 13:33:55 GMT
x-timer
S1709123923.923946,VS0,VE0
etag
W/"30f3-18de59f3f4a"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
803
translations.php
search-api.fie.futurecdn.net/ 		33 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/translations.php?language=en-DE
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/responsive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abdaab60658a6297ca20673a68358b44f3a3d495fd81845c5003f32b5087f32b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:42 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
688
x-hawk-area
DE
x-ftr-dc
uk-lon2
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Wed, 28 Feb 2024 12:47:15 GMT
x-ftr-balancer
hawkproxyprodred
x-served-by
cache-lon4264-LON, cache-fra-etou8220063-FRA
x-ftr-request-id
00000000:F9D2_00000000:01BB_65DF26A4_17F828B:560D
content-length
10517
x-timer
S1709123923.964239,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
0, 4
YYRngYhb
cdn.jwplayer.com/v2/playlists/ 		72 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/YYRngYhb
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.f879462186b2930ce8ad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
100871cc05c2a411172377b057a753175a420a1fe8753e593412b4ae171f7409

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
gzip
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8695
x-amz-cf-id
yk8GdCN8smTWP6M5EmN8TSq2YL_m0c0npXPvtHbqwJdp_-YcnYcEAg==
expires
Wed, 28 Feb 2024 12:41:43
aWeJUC35.js
content.jwplatform.com/libraries/ 		121 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/aWeJUC35.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.f879462186b2930ce8ad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
37b8d2b685e43d30c76d66096811b49926820f0568ecff191f656b5e932e1c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
45345
x-amz-cf-id
2zj41qtx1fGBp8tJXk5ZZvdDvgOzNsFpJ73ggDBwYR0n4m_UibZtbQ==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2126596551&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&ul=en-us&de=UTF-8&dt=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=jwplayer&ea=jwplayerVideoPresent&_u=aGBAgEABBAQCAGAAI~&jid=&gjid=&cid=1468142828.1709123923&tid=UA-1011119-1&_gid=1252261381.1709123923&cd57=null&cd40=Schneider_Electric&cd41=Cactus%7CRansomware%7CData%7CRansom%7CRansomware_as_a_Service&cd42=Schneider_Electric&cd43=Getty_Images%7CWalmart%7CSoftware%7CPepsiCo&cd45=Schneider_Electric&cd46=Schneider_Electric&cd47=Schneider_Electric_confirms_data_was_stolen_in_Cactus_ransomware_attack&cd50=5&cd51=false&cd58=Schneider_Electric%7CRansomware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=8HFKPLRDvLB9iRiNBMaeQQ&cd7=ross_kelly&cd99=0&cd128=20-02-2024&cd1=news&cd2=&cd3=ransomware%7Csecurity&cd6=%7Cschneider_electric%7Cserversidehawk&cd8=20-02-2024&cd27=897316&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cheading%2Ctext%2Ctext%2Ctext%2Ctext&cd53=2024-02-20T11%3A27%3A19.642Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=serversidehawk&cd31=10&cd30=4g&z=513578568
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 08:22:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15356
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
231731b8-d5f5-4fbc-9f76-d43f11e4362c
https://www.itpro.com/ 		559 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.itpro.com/231731b8-d5f5-4fbc-9f76-d43f11e4362c
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e00fca443a0624c2dbbca224f41daaa1089454950a2f44f5f8c492cf71f005e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
572073
Content-Type
merchant-domains.php
search-api.fie.futurecdn.net/ 		649 KB
99 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/merchant-domains.php?site=ITPROUS
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd275f8b485321084bb94b2696b5749e4c7316c1bbf3ab111c1e6c04e12dc2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
11
x-hawk-area
DE
x-ftr-dc
uk-lon2
x-cache
MISS, MISS
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
100205
x-ftr-expires
Wed, 28 Feb 2024 12:58:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-36
x-served-by
cache-lon4221-LON, cache-fra-etou8220076-FRA
x-ftr-request-id
00000000:F432_00000000:01BB_65DF2952_AB1CCA:40EF
x-timer
S1709123923.978700,VS0,VE42
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
0, 0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1011119-1&cid=1468142828.1709123923&jid=1705193520&_u=YGBAgEABBAQCAGAAI~&z=2135198787
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1011119-1&cid=1468142828.1709123923&jid=1705193520&_u=YGBAgEABBAQCAGAAI~&z=2135198787
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2126596551&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&ul=en-us&de=UTF-8&dt=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=future_id&ea=set%20hybrid_id&el=&_u=aGBAgEABBAQCAGAAI~&jid=&gjid=&cid=1468142828.1709123923&tid=UA-1011119-1&_gid=1252261381.1709123923&cd57=null&cd40=Schneider_Electric&cd41=Cactus%7CRansomware%7CData%7CRansom%7CRansomware_as_a_Service&cd42=Schneider_Electric&cd43=Getty_Images%7CWalmart%7CSoftware%7CPepsiCo&cd45=Schneider_Electric&cd46=Schneider_Electric&cd47=Schneider_Electric_confirms_data_was_stolen_in_Cactus_ransomware_attack&cd50=5&cd51=false&cd58=Schneider_Electric%7CRansomware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=8HFKPLRDvLB9iRiNBMaeQQ&cd7=ross_kelly&cd99=0&cd128=20-02-2024&cd1=news&cd2=&cd3=ransomware%7Csecurity&cd6=%7Cschneider_electric%7Cserversidehawk&cd8=20-02-2024&cd27=897316&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cheading%2Ctext%2Ctext%2Ctext%2Ctext&cd53=2024-02-20T11%3A27%3A19.642Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=serversidehawk&cd31=10&cd30=4g&cd77=C3A647B21B4E4DD98BFD14B297D47ED2&z=1092715525
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 08:22:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15356
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
widget.php
search-api.fie.futurecdn.net/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/widget.php?model_name=TechRadar%20Magazines&article_type=news&article_category=retail&language=en-DE&site=ITPRO&filter_product_types=deals%2Csubscriptions&rows=1&device=desktop&origin=widgets-clientside
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2cecb01d9c1ed9c922fe6f88f91fbcb689350010d3e1ecf87937827888cc3b2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
1107
x-hawk-area
DE
x-ftr-dc
uk-lon2
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
1408
x-ftr-expires
Wed, 28 Feb 2024 12:40:15 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-36
x-served-by
cache-lon4221-LON, cache-fra-etou8220076-FRA
x-ftr-request-id
00000000:AE00_00000000:01BB_65DF253C_8E83D5:40EB
x-timer
S1709123923.015974,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
0, 1
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=445663914446731541ee16&scriptVersion=4.17.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.itpro.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Wed, 28 Feb 2024 12:38:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
9Qt6gJYEOXrcAsxccNQJY0P2ddOzy1PkJMXTMtMQvjwYjO95_4Ml7w==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ 		195 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=445663914446731541ee16&scriptVersion=4.17.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
2cc99640fabdd60d56c2f03e24f2dbdbee5bef6babc47abe8e541102d5ce4d36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
195
x-amz-cf-id
AmBdEW9o_kBAD5MMk-5Qcic_Ik1WpkuUKShfHfdUsf_Bo3DNGI0Ccg==
collect
region1.analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E36MVD1BQT&gtm=45je42q1v868801683z8896039803za220&_p=1709123922557&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=1468142828.1709123923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack&sid=1709123922&sct=1&seg=0&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&tfd=591
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E36MVD1BQT&cid=1468142828.1709123923&gtm=45je42q1v868801683z8896039803za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E36MVD1BQT&cid=1468142828.1709123923&gtm=45je42q1v868801683z8896039803za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=972162123
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit.gif
uk-script.dotmetrics.net/ 		43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=12368&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&dom=www.itpro.com&r=1709123923076&pvs=1&pvid=1fe6c76a-fe40-4b33-b314-0a597a29f55b&c=false&tzOffset=-60&doorUrl=http%3a%2f%2fuk-script.dotmetrics.net%2fdoor.js%3fd%3dwww.itpro.com%26t%3ditprous
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-6.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
dotmetrics-hit-status
01 OK
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
vOwF3kRGG9EAcvIP7tef7kNSwsSBGI0TyFY92SyFT5msSWckwR6b-w==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=12368&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&dom=www.itpro.com&r=1709123923076&pvs=1&pvid=1fe6c76a-fe40-4b33-b314-0a597a29f55b&c=false&tzOffset=-60
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:a00:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 07:29:19 GMT
via
1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
18565
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
5LPGmDXdjTMW1Kj29i5C-gnNqRuIv2no8gIDWRXq7vwGP2Ez-MOpeQ==
index.html
cdn.privacy-mgmt.com/ Frame DDA3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
598c62ec0d4a4b800c2a2ce698931f524171cf10d31e3aa351fb771adb9b6811

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2409
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Wed, 28 Feb 2024 11:58:35 GMT
etag
W/"eac55f63ed5eaccbb9a8ab361225ec7b"
last-modified
Thu, 08 Feb 2024 15:59:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
EZjvNqfQ16TBlXsLSGTJmnqB4NNUGwnaReeY9JPyY6yqeIvAWXa5Iw==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
seasonal.js
search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/ 		130 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/seasonal.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/responsive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb5a411954b073afc5a03917286187faccb2a34918f98def598e76e7bcf6c009
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
346
x-hawk-area
DE
x-ftr-dc
uk-lon1
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
s3-futureplc-engineering-accessors, fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Wed, 28 Feb 2024 12:32:54 GMT
x-ftr-balancer
cleversafe-proxy-1, hawkproxyprodblue
x-served-by
cache-lon4241-LON, cache-fra-etou8220025-FRA
x-ftr-request-id
00000000:7DA0_00000000:01BB_65DF1F61_4B7B672:037F, 00000000:103A_00000000:01BB_65DF2346_A95A27:0B35
last-modified
Mon, 26 Feb 2024 09:46:34 GMT
x-timer
S1709123923.111311,VS0,VE0
etag
"45cc4bf565a155e31ee1f4bb34e00f1d"
vary
Accept-Encoding
content-type
application/javascript
x-ftr-backend-server
cs-acc-s3-futureplc-engineering-5.corp, fievarnishprodred
access-control-allow-origin
*
x-clv-request-id
cd17f221-c6c0-45c5-9ab0-e0cb345732d3
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
32769
accept-ranges
bytes
x-clv-s3-version
2.5
x-cache-hits
0, 3
/
r.skimresources.com/api/ 		149 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X363%22,%22domains%22:[%22itpro.com%22,%22www.se.com%22,%22quorumcyber.com%22],%22page%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
476817866f2441a4e0b74db16043f0108699efd2912d68b0574868f887083249
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
WHkQHadtMbBa5NoUAMd84o-1280-80.jpeg
cdn.mos.cms.futurecdn.net/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/WHkQHadtMbBa5NoUAMd84o-1280-80.jpeg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5313f0297ec7397761e4ff47d2500db29b44b9a0aa11ddcaf9cc93123746f542
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
533930
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulkproxyprodred
x-svc-go-version
1.20.13
etag
4b2e016229085509f358df176ccc197c
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Mon, 22 Apr 2024 08:19:53 UTC
date
Thu, 22 Feb 2024 08:19:53 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/WHkQHadtMbBa5NoUAMd84o.jpeg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon2
alt-svc
h3=":443"; ma=86400
content-length
153451
x-ftr-request-id
00000000:5122_00000000:01BB_65D703A9_10C9ABC:66B0
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
w9rN5LwDqqXcHpXRioUzTuMoSlAbyQhkbkp-H8WHnP_91yJU-srDKw==
Notice.c6498.css
cdn.privacy-mgmt.com/ Frame DDA3 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.c6498.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78b435cd47263da5359608172fe71c285cc5e11e012148eb6126ce32ab36137c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:41:02 GMT
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2024 15:59:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
3462
x-amz-server-side-encryption
AES256
etag
W/"449822fce3259c38744ce3adb53a8d44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
HusVV9soqNcmmOgKqaHbWvKGAmy3kQrEanf3-oylz1lgPC9npUU7yw==
polyfills.b0798.js
cdn.privacy-mgmt.com/ Frame DDA3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/polyfills.b0798.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 11:41:48 GMT
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2024 15:59:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
3416
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
daoj_TG9-PSoySnluxMqvT1urySFzNjrfgmDzuSTxrsj9GA94pf71Q==
Notice.cd634.js
cdn.privacy-mgmt.com/ Frame DDA3 		291 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.cd634.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1b0dcf1415a4eba4b21af3df4f1371f97daea7a418169504300cb877aa37983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:29:48 GMT
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2024 15:59:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
536
x-amz-server-side-encryption
AES256
etag
W/"a0f110214ff2fcbc3617a9fac4cd2d66"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
0EyVynobnnALUi1yGZpaNp_7bErlUpvl9bhbD2AJY8I9PGsUJAKYgQ==
seasonal.min.css
search-api.fie.futurecdn.net/css/browser/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/ 		74 B
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/css/browser/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/seasonal.min.css
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/promotion.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
61abfc5de5a0c0f86a2fcf857118cb9c9f5ab4feb35881b5d4e57fd3115c8122
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
318
x-hawk-area
DE
x-ftr-dc
uk-lon1
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
s3-futureplc-engineering-accessors, fie-assets
x-ftr-cache-status
HIT
content-length
60
x-ftr-expires
Wed, 28 Feb 2024 12:33:24 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
cleversafe-proxy-2, hawk-proxy-185-113-25-40
x-served-by
cache-lon420144-LON, cache-fra-etou8220030-FRA
x-ftr-request-id
00000000:4376_00000000:01BB_65DF1F84_6481995:FA89, 00000000:39A2_00000000:01BB_65DF2361_176CBFC:3383
last-modified
Mon, 26 Feb 2024 09:46:28 GMT
x-timer
S1709123923.171075,VS0,VE0
etag
"b60abc93908ef603e8cd7752d8305c90"
vary
Accept-Encoding
content-type
text/css
x-ftr-backend-server
cs-acc-s3-futureplc-engineering-6.corp, fievarnishprodwhite
access-control-allow-origin
*
x-clv-request-id
701bf4b4-2f50-4b6f-ba3c-9354d4e68f78
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges
bytes
x-clv-s3-version
2.5
x-cache-hits
0, 2
seasonal.php
search-api.fie.futurecdn.net/ 		58 B
727 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/seasonal.php?article_type=news&article_category=retail&language=en-DE&site=ITPRO&device=desktop&origin=widgets-clientside
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/16.59.0-64d15c43dd243e6b68db4a5a8e70c1d39d0c0862/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3685003d5a704e764772420eddbf90022c26b4565936bde16953b313df3831f6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
1107
x-hawk-area
DE
x-ftr-dc
uk-lon2
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
54
x-ftr-expires
Wed, 28 Feb 2024 12:40:15 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawkproxyprodred
x-served-by
cache-lon4269-LON, cache-fra-etou8220076-FRA
x-ftr-request-id
00000000:5F8C_00000000:01BB_65DF253C_AE8B43:560B
x-timer
S1709123923.171781,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
0, 1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2126596551&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&ul=en-us&de=UTF-8&dt=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliates&ea=Retail%20Promotion%20widget%20viewed&el=TechRadar%20Magazines&_u=6GDAAEABBAQCAGAAI~&jid=1859444493&gjid=578294250&cid=1468142828.1709123923&tid=UA-1011119-1&_gid=1252261381.1709123923&_r=1&cd40=Schneider_Electric&cd41=Cactus%7CRansomware%7CData%7CRansom%7CRansomware_as_a_Service&cd42=Schneider_Electric&cd43=Getty_Images%7CWalmart%7CSoftware%7CPepsiCo&cd45=Schneider_Electric&cd46=Schneider_Electric&cd47=Schneider_Electric_confirms_data_was_stolen_in_Cactus_ransomware_attack&cd50=5&cd58=Schneider_Electric%7CRansomware%7CSecurity&cd10=EN-US&cd5=8HFKPLRDvLB9iRiNBMaeQQ&cd7=ross_kelly&cd99=0&cd128=20-02-2024&cd1=news&cd3=ransomware%7Csecurity&cd6=%7Cschneider_electric%7Cserversidehawk&cd8=20-02-2024&cd27=897316&cd33=null&cd53=2024-02-20T11%3A27%3A19.642Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=serversidehawk&cd31=10&cd30=4g&cd12=2351129&cd14=Magazines%20Direct&cd16=null&cd17=1&cd25=EUR%208&cd37=null&cd48=Technology%20Magazines&cd60=retail&cd65=rgb(255%2C%20255%2C%20255)&cd66=null&cd73=null&cd75=null&cd76=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fawinmid%3D2961%26awinaffid%3D103504%26clickref%3Ditpro-de-custom-tracking%26p%3Dhttps%253A%252F%252Fwww.magazinesdirect.com%252Fcategories%252Ftech%252F&cd84=null&cd90=5431f6d7-2919-4bea-b792-12d860278155&cd105=6539&cd111=null&cd115=appeared&cd116=null&cd117=null&cd118=null&cd122=null&cd124=null&cd125=null&cd161=null&cm1=695&cm3=177.69999980926514&cm24=0&cm27=8851&z=1493540663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ncs-script.js
uk-script.dotmetrics.net/Scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/Scripts/ncs-script.js?v=256
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.itpro.com&t=itprous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-6.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
e96b558c02041fe94c15887549e5132e08e027e9081779b654570236ac38c6ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:43 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 11:46:23 GMT
server
Kestrel
x-amz-cf-pop
MUC50-P1
etag
"1da6584c2415b0e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
OGbf0ffXl0xOaVXwDRZ71VCSB71pWRQQzup2XAHi-L3xNfgtFphTdQ==
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1011119-1&cid=1468142828.1709123923&jid=1859444493&gjid=578294250&_gid=1252261381.1709123923&_u=6GDAAEABBAQCAGAAI~&z=420443563
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame DDA3 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=30869
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.cd634.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-40.fra6.r.cloudfront.net
Software
/
Resource Hash
86095e8fd7d8de46e040c0d6b9a6c37c4ffb58e89c105c28d11ca5e8dff17610
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1051133&consentUUID=null&preload_message=true&version=v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:23:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
929
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
YDXj3c5G966-2-Efz7ysYLkhQotVMDJrlstfNIqSqqID9yQOMeting==
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1011119-1&cid=1468142828.1709123923&jid=1859444493&_u=6GDAAEABBAQCAGAAI~&z=73823358
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1011119-1&cid=1468142828.1709123923&jid=1859444493&_u=6GDAAEABBAQCAGAAI~&z=73823358
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 12:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2126596551&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&ul=en-us&de=UTF-8&dt=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=jwplayer&ea=jwplayerCodeFired&_u=6GDAgEABBAQCAGAAI~&jid=&gjid=&cid=1468142828.1709123923&tid=UA-1011119-1&_gid=1252261381.1709123923&cd57=null&cd40=Schneider_Electric&cd41=Cactus%7CRansomware%7CData%7CRansom%7CRansomware_as_a_Service&cd42=Schneider_Electric&cd43=Getty_Images%7CWalmart%7CSoftware%7CPepsiCo&cd45=Schneider_Electric&cd46=Schneider_Electric&cd47=Schneider_Electric_confirms_data_was_stolen_in_Cactus_ransomware_attack&cd50=5&cd51=false&cd58=Schneider_Electric%7CRansomware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=8HFKPLRDvLB9iRiNBMaeQQ&cd7=ross_kelly&cd99=0&cd128=20-02-2024&cd1=news&cd3=ransomware%7Csecurity&cd6=%7Cschneider_electric%7Cserversidehawk&cd8=20-02-2024&cd27=897316&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Cheading%2Ctext%2Ctext%2Ctext%2Ctext&cd53=2024-02-20T11%3A27%3A19.642Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=serversidehawk&cd31=10&cd30=4g&z=1652367591
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 08:22:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15357
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Y5vrV2V98Np6jHAGmAtCd3-300-80.jpg
cdn.mos.cms.futurecdn.net/ 		0
0
WHkQHadtMbBa5NoUAMd84o-1280-80.jpeg
cdn.mos.cms.futurecdn.net/ 		0
0
Y5vrV2V98Np6jHAGmAtCd3-140-80.jpg
cdn.mos.cms.futurecdn.net/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/Y5vrV2V98Np6jHAGmAtCd3-140-80.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4b7666a735ed4d4f7fabde9fd65da4bf41d6f6561d0f2000de66a3cbc3bb0b8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
3808850
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Tue Dec 12 10:56:29 UTC 2023
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulkproxyprodred
x-svc-go-version
1.20.12
etag
995bcaf94553130e5031d13206b8987b
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Fri, 15 Mar 2024 10:37:53 UTC
date
Mon, 15 Jan 2024 10:37:53 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/Y5vrV2V98Np6jHAGmAtCd3.jpg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon2
alt-svc
h3=":443"; ma=86400
content-length
3582
x-ftr-request-id
00000000:9422_00000000:01BB_65A50AFE_4CD4370:53A5
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
y9BqXBacg4DNatqLID-LUMGBjYU5sMp9NtG05JSRc4bOKv7T6hny7Q==
WHkQHadtMbBa5NoUAMd84o-320-80.jpeg
cdn.mos.cms.futurecdn.net/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/WHkQHadtMbBa5NoUAMd84o-320-80.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:7800:1b:ce45:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8b56e9c6a126055d542847db848197d18349d53174584fadcb2f3bc91a68268d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-backend
default
age
577956
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
x-svc-build-time
Fri Jan 26 10:20:47 UTC 2024
x-served-by
kodiak-varnish-f96658d5b-qlk9m
x-ftr-balancer
bulkproxyprodred
x-svc-go-version
1.20.13
etag
4b2e016229085509f358df176ccc197c
x-svc-name
kodiak-svc
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5184000
x-svc-version
latest
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 21 Apr 2024 20:06:07 UTC
date
Wed, 21 Feb 2024 20:06:07 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-svc-env
prod
xkey
/proof/WHkQHadtMbBa5NoUAMd84o.jpeg
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-ftr-dc
uk-lon2
alt-svc
h3=":443"; ma=86400
content-length
17336
x-ftr-request-id
00000000:A62A_00000000:01BB_65D657AE_F1DF50:66B0
access-control-max-age
1728000
x-ftr-backend-server
kube
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
j7ppdia0NRJgi6LmnXPawNdzZcHEj30mEABPXxBEzZzbVNDyAoiYVw==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10055482/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Server
18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:46:02 GMT
content-encoding
gzip
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
25830
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
1B4m6V99eW_K-Xegf-Bq5y451N405uvA9WQUIkeEkkl09UmsxLoyug==

Redirect headers

date
Wed, 28 Feb 2024 12:38:44 GMT
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
njOUEB6ycjcSAsQWZ_v15JiN9RXbmCs43Uo2mpo0WbvWSFdEjcKViA==
b2
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1709123924622&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=DE&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fransomware%2Fschneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack&c8=Schneider%20Electric%20confirms%20data%20was%20stolen%20in%20Cactus%20ransomware%20attack%20%7C%20ITPro&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-107.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 12:38:44 GMT
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
TU6QJBa8u56Z0pdJ9eLB-jnQJGRrbih3_uFPmMMROgToSZqz86xssQ==
x-cache
Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.mos.cms.futurecdn.net
URL
https://cdn.mos.cms.futurecdn.net/Y5vrV2V98Np6jHAGmAtCd3-300-80.jpg
Domain
cdn.mos.cms.futurecdn.net
URL
https://cdn.mos.cms.futurecdn.net/WHkQHadtMbBa5NoUAMd84o-1280-80.jpeg

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| defaultFlags object| vanilla object| VAN function| lazyObserveElement function| sliceHydrationLazy object| externalsScriptLoaded object| FUTR function| _typeof function| __tcfapi function| __uspapi function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp object| _sp_queue object| _sp_ object| ccpaAppliesPromise object| reliableConsentGiven function| FEPProcess function| FEPSanitise function| resolveFEP object| processFEP object| reliableDOMContentLoaded object| reliablePageLoad string| hawk_widgets_endpoint string| hawklinks_endpoint boolean| gaCookieSet object| adParameters object| bordeaux object| FEP_object function| getConnectionDimensions object| getConnectUserDimensions function| missingImage string| ga_code object| analytics_ga_data string| version string| GoogleAnalyticsObject function| ga object| FEP object| freyr object| permutive object| googletag object| freyrData object| dataLayer object| dm boolean| trailingSlash object| FlexiLoader function| cssVars boolean| isIE function| amIIE object| sliceComponents function| selligent_initialiser object| vanL10N function| comscoreIntegration object| dfp_config object| vanillaComponents object| require object| ffte object| xkeys string| ftr_request_id object| slice object| __LOADABLE_LOADED_CHUNKS__ object| google_tag_data object| gaplugins object| champagne object| Flexi object| _sp_wp_jsonp object| hawk object| vanillaJsonp object| regeneratorRuntime object| fastdom object| __translator number| future_sponsoredPostVersion function| renderSponsoredPost object| featureVariables function| jwplayerInit object| webpackChunkbordeaux function| tmntag_triggerEvent function| tmntag_render string| indexExchangeDeviceType object| bordeauxAds object| bdx object| google_tag_manager object| lazyLoadInstance function| init_background_skin function| iFrameResize object| PARSELY boolean| DotMetricsInitScript object| gaGlobal object| gaData boolean| suggestionBoxPresent object| regionRedirectBanner object| popularBox object| localeSelector object| hawklinks object| DotMetricsSettings object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| _comscore object| COMSCORE object| ns_p

17 Cookies

Domain/Path Name / Value
.www.itpro.com/ Name: FTR_Country_Code
Value: DE
.www.itpro.com/ Name: FTR_Cache_Status
Value: HIT-CLUSTER
.www.itpro.com/ Name: usprivacy
Value: 1YNN
.itpro.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack%22%2C%22sref%22:%22%22%2C%22sts%22:1709123922832%2C%22slts%22:0}
.itpro.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b25f3d14-102f-413e-b7e3-87298b3c08d3%22%2C%22session_count%22:1%2C%22last_session_ts%22:1709123922832}
.servebom.com/ Name: u
Value: C3A647B21B4E4DD98BFD14B297D47ED2
.itpro.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.itpro.com/ Name: _gid
Value: GA1.2.1252261381.1709123923
.itpro.com/ Name: _gat
Value: 1
www.itpro.com/ Name: h_id
Value: C3A647B21B4E4DD98BFD14B297D47ED2
.itpro.com/ Name: dnsDisplayed
Value: undefined
.itpro.com/ Name: ccpaApplies
Value: false
.itpro.com/ Name: signedLspa
Value: undefined
www.itpro.com/ Name: consentUUID
Value: dd7d9062-fece-4029-a680-148f51a53fb3
.itpro.com/ Name: _ga
Value: GA1.2.1468142828.1709123923
.itpro.com/ Name: _gat_hawkWidgetsAffiliate
Value: 1
.itpro.com/ Name: _ga_E36MVD1BQT
Value: GS1.1.1709123922.1.0.1709123923.59.0.0

1 Console Messages

Source Level URL
Text
other warning URL: https://www.itpro.com/security/ransomware/schneider-electric-confirms-data-was-stolen-in-cactus-ransomware-attack
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
ads.servebom.com
ampcid.google.com
ampcid.google.de
bordeaux.futurecdn.net
cdn.jwplayer.com
cdn.mos.cms.futurecdn.net
cdn.parsely.com
cdn.privacy-mgmt.com
cdnjs.cloudflare.com
champagne.futurecdn.net
content.jwplatform.com
eventsproxy.gargantuan.futureplc.com
freyr.futurecdn.net
mos.fie.futurecdn.net
p1.parsely.com
r.skimresources.com
region1.analytics.google.com
rm-script.dotmetrics.net
sb.scorecardresearch.com
search-api.fie.futurecdn.net
slice.vanilla.futurecdn.net
sommelier.futurehybrid.tech
stats.g.doubleclick.net
uk-script.dotmetrics.net
vanilla.futurecdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.itpro.com
cdn.mos.cms.futurecdn.net
151.101.2.114
18.245.60.107
18.66.192.6
18.66.97.115
2001:4860:4802:32::36
2600:9000:2057:ca00:12:b587:d880:93a1
2600:9000:2057:e800:5:a6be:f9c0:93a1
2600:9000:223c:7800:1b:ce45:6040:93a1
2600:9000:225e:6000:1:a3fa:7cc0:93a1
2600:9000:225e:9c00:1:a3fa:7cc0:93a1
2600:9000:2359:da00:19:ee95:9600:93a1
2600:9000:235a:8a00:15:a2ae:35c0:93a1
2600:9000:2490:5600:6:4010:e280:93a1
2600:9000:266e:a00:d:5ce3:a4c0:93a1
2606:4700:4400::6812:29aa
2606:4700::6811:180e
2a00:1450:4001:806::200e
2a00:1450:4001:810::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9a
3.161.77.50
34.242.252.89
35.190.59.101
54.155.18.159
54.72.109.162
99.86.4.40
0cb987d1f7d93fb998e06170acc195d1555a708fe10d20412223f98d0f69bb45
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f7848370e6f84495aca1c3a970215a978c64261d0e2adc0c7fea745013289c6
100871cc05c2a411172377b057a753175a420a1fe8753e593412b4ae171f7409
1302a3222e1c0d2325c7b94fdb944ca20d8534b9af03b7b71e3a9842bb4d9425
168d2f75a106948c75452fb5852156cd028252db2a1169caf396c10e6d85f45a
1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
279c22eec129626a282d2b158d985fce99cadae69fc52410763ef18c04e55bb5
2c6d13081750bfcfb93cb02b49b291d1055d5ec08d4e2e7ea8205b089c0ab390
2cc99640fabdd60d56c2f03e24f2dbdbee5bef6babc47abe8e541102d5ce4d36
2e64d817eb5b73d7a6ad2ad8987d769f1059469c4be84dbd70f89a997d3bbaf9
2e7b2db7b3cb9c9f161bad3ef097d44ba021dc2840d71bf417ec8f09a5326bfb
359d578d1c1e7bfe76a8c3eb0b041d4f14a406e29f4e06c4be0c761ce39c1627
3604a248e307cc47c5f233964d4f509e288e01c0d84eff43f951bf0930736ef9
3685003d5a704e764772420eddbf90022c26b4565936bde16953b313df3831f6
37b8d2b685e43d30c76d66096811b49926820f0568ecff191f656b5e932e1c9a
39dd30475086d65e35f0e249b4bcb1f8c2b9aaaaf86b49f9cd8634b7aec1c8a8
3e57a446cfb41aa09c338e6a7e7e6fb8501edb4901382de293b21f9adf74b9bb
43398c8955efc2532896c7d5e915e3c8ee0a13e40704f310ff474bed8fcf43bd
476817866f2441a4e0b74db16043f0108699efd2912d68b0574868f887083249
487b0a9ac483def66f2d2e6c7a6bc0f9e7e9ed20758ecb15f9c8996cf3c3bbb6
4b7666a735ed4d4f7fabde9fd65da4bf41d6f6561d0f2000de66a3cbc3bb0b8b
5043ca258dbde287cac64a2d61c41df6ad9d91aa3672aa3c1b694b68af92cb97
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
52d2dacf7773823b0f78d80200d2d739de5267d0cfde51b310e350076cc88c5f
5313f0297ec7397761e4ff47d2500db29b44b9a0aa11ddcaf9cc93123746f542
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
56efb72c0fe17bdf89eb8a247c96d3fdbdc230f5802666c929f7ebe090fb4d95
598c62ec0d4a4b800c2a2ce698931f524171cf10d31e3aa351fb771adb9b6811
60a10f2834b067b8760090082163f794fa33d6e397b00495514499ee3c21e2ba
612b3bc8173e264d163c14e0f625bba234a0f71cf8c6f85736daefdcf0bdbc3e
61abfc5de5a0c0f86a2fcf857118cb9c9f5ab4feb35881b5d4e57fd3115c8122
61be4a3d1642d3e30f379c00a432a7baf22a6a388b44bbd598e2027b06d202c5
674335d9947e05baaeb827371ace9fe4ac36dfa6822500463a3a5ec4e1caf0f9
6966e52c9ca5eb31aef27c8e0ec308d1204afb27efbe1a7c78878668de441bdf
76bcb58c24ce18ab42bba81850cb38e22cf310b6a25d1af8a80a4b07044b1204
78b435cd47263da5359608172fe71c285cc5e11e012148eb6126ce32ab36137c
7ac18e3e4df08f18ceb091bc39373dcbbb6c39aac2d43cbc3ab856fe5a08ebdc
8224c546fc99f50137100a9b4d6869a2d6520524a2ba7c317d904dd4eb141a14
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
86095e8fd7d8de46e040c0d6b9a6c37c4ffb58e89c105c28d11ca5e8dff17610
8922e4a7f83b11ecc071628898f917d817b3072ff21a9de6f263095313449efc
8b56e9c6a126055d542847db848197d18349d53174584fadcb2f3bc91a68268d
8e183ea492db0784dab37656a389afae69ff897aad6566bf0d2d20c0004faa16
8eb89aba3abc1d2cccc1f9ad9a9470da7025e9ff1a0148560ad7b4517c73a621
8fe39ae8576615f9f35e9b2cd5e9ef421c64641f4f1fdba08f11d2a1eb811c2f
9112cc2105c48e64f962c7010479d4df974a898ffd28f257ac096c9913e87464
911f87c6719940785ed3be3ae12d86110500651a2204a60004b138044cc89982
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a65f8e01b84c50ea7bd7658e73c4da2610fc7e9feb79880952efcab08aa4bd42
a6dcd6fe70ce37deeb23544bc99b63f7e6217ae5dd2eb189897108439711193b
abdaab60658a6297ca20673a68358b44f3a3d495fd81845c5003f32b5087f32b
ae4b8295a9828b53e7b4368555af4afa4e80052e8dcecef01c80faedb5d9b439
b5713c526e44ad558557e39e0d02e2bc4dfddc2e7feeaef83b7f8d11531c7907
bd8a155b13943be15cab366c32a8c5adfbaf2018c1ae24748e4f93189c6d6a63
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819
c12cfd186d2eef3f576264cb9b5c1733093b2b03b477f7ef85f4dbe9eba9f46d
c5870b689b770de6e6a0b9b3b2fc01cef03b594d8ee627d373580235fc584874
c91d892beb7af4b7a43d265eaf39486cf8f588e2a4fe2022751486de81ea2011
c9f3a89d16013a5625a8ed8ab79e85d88e859cd0c806cc7a19ef440bcc7ec745
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd251f440b4debfbd8f71df5102043bb0544e7feb5f66ccadf1f67cb1403ff57
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f0b3dbe02fcf538c9e6485db547dea15bbc0a7b521b147988cfd4de8212f2f
d13ee0d9281c140536ab058cb7009db57c2f17f8cd523386eb1d036e5e67e19f
d14e569ea07cb70b5a342c718651bf0bb729cec22fa12a6329896aef0f6b63a3
d29407e6f342faf3cea0d571fae3e62e05ed41c84c7e9d9d627996991e5ab646
d3b5e3088d11c3b51e10f98098380c26eb1246608431f8a5617a36ceaa8e01dc
d4988ac5543c0b67c19b3608e5b70922afe06b63ddd9ba56b295f6bf5dceb661
d672693f0778a5affcf63364f393660ff12f63372a59da57115f28ea0b4a7518
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10
db840fa1fcd67d0124424d6b19586f5bbe572305a579905ade0dda709da0d684
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd58e0b1154d438c85696a4cf5cef2411789335743e9e0ed3e7581b9ecc4244c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00fca443a0624c2dbbca224f41daaa1089454950a2f44f5f8c492cf71f005e0
e1b0dcf1415a4eba4b21af3df4f1371f97daea7a418169504300cb877aa37983
e1e888cfdd2f373efeda2868bed7f21323e05492b56de6b6bbc5742053009e51
e2cecb01d9c1ed9c922fe6f88f91fbcb689350010d3e1ecf87937827888cc3b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
e96b558c02041fe94c15887549e5132e08e027e9081779b654570236ac38c6ca
eb5a411954b073afc5a03917286187faccb2a34918f98def598e76e7bcf6c009
ec41d1a75ebbdbecd0af85fa7d78c27ad6a1a8c304d6ea6f607a4cb04b114337
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3486d15cfd4fdf0f62e3f86e7b4bb94fc9f11700539ba468f5d504ae857026f
f3f8e24c384c889701a902c1e97ca487a36085c631159ece44882f8334683acb
f65329a3db68a68c542fe17485430268a4f86882c6e579344e42a862d43ef2b8
fd275f8b485321084bb94b2696b5749e4c7316c1bbf3ab111c1e6c04e12dc2a8