www.intaforensics.com Open in urlscan Pro
176.58.103.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.intaforensics.com/incident-response?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_ca...
Effective URL:
https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_c...
Submission: On February 16 via manual (February 16th 2023, 1:25:26 pm UTC) from BE — Scanned from GB

Summary HTTP 45 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 45 HTTP transactions. The main IP is 176.58.103.91, located in London, United Kingdom and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is www.intaforensics.com.
TLS certificate: Issued by R3 on January 14th 2023. Valid for: 3 months.

This is the only time www.intaforensics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	176.58.103.91 176.58.103.91	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.17.177.117 2.17.177.117	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
45	12

20 176.58.103.91 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 176-58-103-91.ip.linodeusercontent.com

www.intaforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.177.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-177-117.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	intaforensics.com 1 redirects www.intaforensics.com	544 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	379 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	45 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2506	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	265 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3412	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	356 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4722	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
45	10

	Domain	Requested by
20	www.intaforensics.com	1 redirects www.intaforensics.com
5	www.google.com	www.intaforensics.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.googletagmanager.com	www.intaforensics.com www.googletagmanager.com
3	bat.bing.com	www.intaforensics.com bat.bing.com
2	fonts.gstatic.com	www.google.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.co.uk	www.intaforensics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	chimpstatic.com	www.intaforensics.com
1	fonts.googleapis.com	www.intaforensics.com
45	12

This site contains links to these domains. Also see Links.

Domain
limasupport.intaforensics.com
www.victimsupport.org.uk
www.policecare.org.uk
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
www.intaforensics.com R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
Frame ID: 5078C9F70BA1CE7BCC9460718FC0B1DF
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&co=aHR0cHM6Ly93d3cuaW50YWZvcmVuc2ljcy5jb206NDQz&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=6i5q70mv74it
Frame ID: CE824EC4CC4660A2FF23FA41D362B628
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Security Incident Response Specialists | IntaForensics

Page URL History Show full URLs

https://www.intaforensics.com/incident-response?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&u... HTTP 301
https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1268 kB
Transfer

3040 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://limasupport.intaforensics.com/
Title: Lima Support Portal

Search URL Search Domain Scan URL

URL: https://www.victimsupport.org.uk/

Search URL Search Domain Scan URL

URL: https://www.policecare.org.uk/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/intaforensics-ltd/

Search URL Search Domain Scan URL

URL: https://twitter.com/intaforensics

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.intaforensics.com/incident-response?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response HTTP 301
https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.intaforensics.com/incident-response/
Redirect Chain

https://www.intaforensics.com/incident-response?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20sec...
https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20se...

48 KB
11 KB

38ms
38ms

Document
text/html

176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

d378d7107753576c4832a13261246028eb395e1f2afaed45ce6956846a71c316

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preload”

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 13:25:20 GMT
ETag: "2a545a6401c9965414eb65299465de79"
Keep-Alive: timeout=5, max=99
Last-Modified: Thu, 16 Feb 2023 13:25:20 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preload”
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: max-age=3600
Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 13:25:20 GMT
Expires: Thu, 16 Feb 2023 14:25:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preload”
Upgrade: h2
Vary: Accept-Encoding
X-Redirect-By: WordPress
dlm-no-waypoints: true

GET
H/1.1 200
OK autoptimize_1b8c8a8b054c144e81d1366ba941d692.css
www.intaforensics.com/wp-content/cache/autoptimize/css/ 516 KB
87 KB 69ms
68ms Stylesheet
text/css 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css

Requested by

Host: www.intaforensics.com
URL: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

38ca61328fa2baf6be88d4b6298cee90710c2f59aaabe62c0648f4000f5ffbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:20 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 09 Feb 2023 14:42:14 GMT
Server: Apache
ETag: "80fa9-5f44563047c03-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public, immutable
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 196ms
70ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=2.10.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 13:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:37:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 13:25:20 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.intaforensics.com/wp-includes/js/jquery/ 88 KB
31 KB 117ms
43ms Script
application/x-javascript 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-includes/js/jquery/jquery.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:20 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Nov 2022 08:22:42 GMT
Server: Apache
ETag: "15e54-5ee83933e1880-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: application/x-javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30995

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 262ms
153ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CY2P7GV1R5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcad6fc8fdb7fdf2bfa4213605ebf502d31746b2a2184c8335a5f4671f686e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:25:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Feb 2023 13:25:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 170ms
61ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1074328-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e54f6c767a049caa710918593253e06ad671c12feb12771b2be69f97c3da63c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:25:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Feb 2023 13:25:21 GMT

GET
H/1.1 200
OK Banner_CRESTPTCSIR_white-2022_website-size-1-300x300.png
www.intaforensics.com/wp-content/uploads/2022/04/ 13 KB
13 KB 79ms
39ms Image
image/png 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2022/04/Banner_CRESTPTCSIR_white-2022_website-size-1-300x300.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

7eb8829a699a88c3eea34f69572d8c24c605b3bb251b0827f94e6794d45df43d

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Aug 2022 10:15:21 GMT
Server: Apache
ETag: "32dd-5e72231070040"
Vary: Accept-Encoding,Accept
Content-Type: image/png
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13021

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
901 B 164ms
60ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&ver=3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

613da9191f7f1c7e92c02929806bc6f7eed84c7dbc82c4903e13f84e83abf4c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 13:25:21 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
www.intaforensics.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 38ms
37ms Script
application/x-javascript 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Server: Apache
ETag: "194b-5dc5fbf1e6f80-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2457

GET
H/1.1 200
OK wp-polyfill.min.js Show response
www.intaforensics.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 39ms
38ms Script
application/x-javascript 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Nov 2022 08:22:42 GMT
Server: Apache
ETag: "459f-5ee83933e1880-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6532

GET
H/1.1 200
OK autoptimize_dfed277d3f4bc16cd8b60d6c21635556.js Show response
www.intaforensics.com/wp-content/cache/autoptimize/js/ 166 KB
40 KB 148ms
70ms Script
application/x-javascript 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-content/cache/autoptimize/js/autoptimize_dfed277d3f4bc16cd8b60d6c21635556.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

e4884609dd60dbbc1b5bf713061c0406bb800d81ae6cdb5aac128a12b41b6b99

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 09 Feb 2023 14:42:14 GMT
Server: Apache
ETag: "2980e-5f4456302a743-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: application/x-javascript
Cache-Control: public, immutable
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40620

GET
H/1.1 200
OK autoptimize_541e2ced151704f4ff1844c6de47ec02.css
www.intaforensics.com/wp-content/cache/autoptimize/css/ 7 KB
2 KB 132ms
40ms Stylesheet
text/css 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_541e2ced151704f4ff1844c6de47ec02.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 09 Feb 2023 14:42:14 GMT
Server: Apache
ETag: "1b6d-5f44563047c03-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: text/css
Cache-Control: public, immutable
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1170

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
67 KB 233ms
125ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WP9H9FL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6a039fca196dc4bb92cd2328c22ab39f168448a3271c7727c0efea280e9ac14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:25:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68237
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:25:21 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 184ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 16 Feb 2023 13:25:20 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0F400022D0F49ECB8078CF8CDAF75FD Ref B: LON04EDGE1022 Ref C: 2023-02-16T13:25:21Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H/1.1 200
OK fa-solid-900.woff2
www.intaforensics.com/wp-content/themes/intaforensics/styles/webfonts/ 76 KB
77 KB 52ms
39ms Font
application/font-woff2 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-content/themes/intaforensics/styles/webfonts/fa-solid-900.woff2

Requested by

Host: www.intaforensics.com
URL: https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

Referer: https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css
Origin: https://www.intaforensics.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Aug 2022 10:15:18 GMT
Server: Apache
ETag: "131bc-5e72230d93980-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/font-woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK IF-Logo-RGB-1.svg
www.intaforensics.com/wp-content/uploads/2021/10/ 18 KB
8 KB 97ms
42ms Image
image/svg+xml 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2021/10/IF-Logo-RGB-1.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

6085cebff342b44951768658059350deb77fa1f314c43f65e37d174792939d33

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Aug 2022 10:15:22 GMT
Server: Apache
ETag: "46bd-5e72231164280-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: image/svg+xml
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7761

GET
H/1.1 200
OK Funded-Cyber-Essentials-Programme-IntaForensics-Social-Posts-96-1024x536.png
www.intaforensics.com/wp-content/uploads/2023/01/ 19 KB
19 KB 92ms
51ms Image
image/webp 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2023/01/Funded-Cyber-Essentials-Programme-IntaForensics-Social-Posts-96-1024x536.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

7c63f3b224f5e02427b9b70f217a07c2821e642dd0041ab6320b3941fbdaa821

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 16 Jan 2023 09:46:02 GMT
Server: Apache
ETag: "4a78-5f25e7384dd34"
Vary: Accept,Accept-Encoding
Content-Type: image/webp
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 19064

GET
H/1.1 200
OK Card-payment-security-1024x682.jpg
www.intaforensics.com/wp-content/uploads/2022/12/ 26 KB
26 KB 40ms
39ms Image
image/webp 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2022/12/Card-payment-security-1024x682.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

5a6bd1ca5525985a2170e48fc463c7fad3f5081445ff994fbca85c94bc1ef677

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 03 Jan 2023 09:24:42 GMT
Server: Apache
ETag: "67a8-5f158a3451370"
Vary: Accept,Accept-Encoding
Content-Type: image/webp
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 26536

GET
H/1.1 200
OK Bookshelf.png
www.intaforensics.com/wp-content/uploads/2022/12/ 49 KB
49 KB 37ms
37ms Image
image/webp 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2022/12/Bookshelf.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

661e4232b04798d86f39d150b704ca67f3f494b26b296ea1647b0a5e721936db

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Dec 2022 15:53:44 GMT
Server: Apache
ETag: "c406-5efa38211b9a8"
Vary: Accept,Accept-Encoding
Content-Type: image/webp
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 50182

GET
H/1.1 200
OK footer_nodes.png
www.intaforensics.com/wp-content/themes/intaforensics/images/ 48 KB
49 KB 39ms
38ms Image
image/png 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/themes/intaforensics/images/footer_nodes.png

Requested by

Host: www.intaforensics.com
URL: https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

85e80ec4c9d82dbdfa74cd4f85b060055575320e72369598d696277ac2f9feb3

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Aug 2022 10:15:18 GMT
Server: Apache
ETag: "c1fb-5e72230d93980"
Vary: Accept-Encoding,Accept
Content-Type: image/png
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 49659

GET
H/1.1 200
OK dc_badge1.png
www.intaforensics.com/wp-content/uploads/2022/09/ 14 KB
14 KB 37ms
37ms Image
image/webp 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2022/09/dc_badge1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

98137adbe231182a1268dbca1bd7b8af83cce9d9ce0f543b723210260c4f5c59

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 09 Sep 2022 09:22:41 GMT
Server: Apache
ETag: "37e6-5e83b16747a40"
Vary: Accept,Accept-Encoding
Content-Type: image/webp
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 14310

GET
H/1.1 200
OK VS-Logo.jpg
www.intaforensics.com/wp-content/uploads/2022/09/ 15 KB
15 KB 38ms
38ms Image
image/webp 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2022/09/VS-Logo.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

266f2ee4c9652cd1a4698edd5b784a9b9fe73ac4f3518f25b6dbf63fff3ef242

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 09 Sep 2022 09:23:41 GMT
Server: Apache
ETag: "3c02-5e83b1a080140"
Vary: Accept,Accept-Encoding
Content-Type: image/webp
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 15362

GET
H/1.1 200
OK PCUK_logo_BLACK-600x606.png
www.intaforensics.com/wp-content/uploads/2022/09/ 14 KB
15 KB 39ms
38ms Image
image/webp 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intaforensics.com/wp-content/uploads/2022/09/PCUK_logo_BLACK-600x606.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

9ceaedcf582c27a9b5da7f2a91af59031b0f0bdb570b767dc0914c5e86839a08

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 09 Sep 2022 09:24:16 GMT
Server: Apache
ETag: "3974-5e83b1c1e1000"
Vary: Accept,Accept-Encoding
Content-Type: image/webp
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 14708

GET
H/1.1 200
OK 86a3cdab6b3892052ecf44b65.js Show response
chimpstatic.com/mcjs-connected/js/users/b0c3a873fe3831117233cee58/ 2 KB
1 KB 403ms
179ms Script
application/javascript 2.17.177.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/b0c3a873fe3831117233cee58/86a3cdab6b3892052ecf44b65.js
Requested by: Host: www.intaforensics.com
URL: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.177.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-177-117.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 95, 362, 91
Date: Thu, 16 Feb 2023 13:25:21 GMT
Content-Encoding: gzip
x-amz-request-id: CNWAH6P37P0981TB
X-EdgeConnect-MidMile-RTT: 0, 0, 0
Connection: keep-alive
Content-Length: 653
x-amz-id-2: rJ0+2Q7wNxHyAWFotiZVL3qeuoGu9lc5rhNfaubhJNNiOVtn1gtHhU047v2ASbTebRR45ImE4gw=
Last-Modified: Tue, 15 Dec 2020 09:36:57 GMT
Server: AmazonS3
ETag: "4b60d3ea13c42468679685c32a1680ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1799
Accept-Ranges: bytes
Expires: Thu, 16 Feb 2023 13:55:20 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
www.intaforensics.com/wp-content/themes/intaforensics/styles/webfonts/ 75 KB
75 KB 83ms
60ms Font
application/font-woff2 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/wp-content/themes/intaforensics/styles/webfonts/fa-brands-400.woff2

Requested by

Host: www.intaforensics.com
URL: https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ

Request headers

Referer: https://www.intaforensics.com/wp-content/cache/autoptimize/css/autoptimize_1b8c8a8b054c144e81d1366ba941d692.css
Origin: https://www.intaforensics.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Aug 2022 10:15:18 GMT
Server: Apache
ETag: "12bc0-5e72230d93980-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Upgrade: h2
Content-Type: application/font-woff2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 404 KB
161 KB 167ms
52ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
Origin: https://www.intaforensics.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164579
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 13:17:19 GMT

GET
H2 204 134004175.js Show response
bat.bing.com/p/action/ 0
118 B 137ms
137ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134004175.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 16 Feb 2023 13:25:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1DD69120A0454B84B5670BE10F4ECA79 Ref B: LON04EDGE1022 Ref C: 2023-02-16T13:25:21Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 55ms
55ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134004175&tm=wpp_1.0.4&Ver=2&mid=182298ed-5fdb-4531-af0c-54a5ab92d5de&sid=5cbb5de0adfd11eda1eae1a274762eb5&vid=5cbb7860adfd11edb2fb1113ebdaa575&vids=1&msclkid=a72a9872a4d812fa3749fb9cab6d9114-1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cyber%20Security%20Incident%20Response%20Specialists%20%7C%20IntaForensics&p=https%3A%2F%2Fwww.intaforensics.com%2Fincident-response%2F%3Fmsclkid%3Da72a9872a4d812fa3749fb9cab6d9114%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3Dsearch%2520-%2520incident%2520response%2Fransomware%26utm_term%3Dcyber%2520security%2520attacks%26utm_content%3Dcyber%2520security%2520incident%2520response&r=&evt=pageLoad&sv=1&rn=6764

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:25:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D58BDE324D674CFC899B702BA2077B23 Ref B: LON04EDGE1022 Ref C: 2023-02-16T13:25:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
www.intaforensics.com/ 738 B
998 B 393ms
392ms XHR
application/json 176.58.103.91
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.intaforensics.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: www.intaforensics.com
URL: https://www.intaforensics.com/wp-includes/js/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.58.103.91 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

176-58-103-91.ip.linodeusercontent.com

Software

Apache /

Resource Hash

80935b08be0ad71fc9c0863846ea5bb849f48a3cf3cc511033b4f5495354004f

Security Headers

Name	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preloadâ
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 16 Feb 2023 13:25:21 GMT
Strict-Transport-Security: max-age= 7776000; includeSubDomains; preloadâ
X-Content-Type-Options: nosniff
Content-Encoding: gzip
dlm-no-waypoints: true
Connection: Keep-Alive
Content-Length: 362
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.intaforensics.com
Cache-Control: no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=94
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CY2P7GV1R5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1074328-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e1cec5c31d0e78d0c388cf2393e80ba6317dd9deeadc50d85e119993f2f720e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:25:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77979
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Feb 2023 13:25:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 153ms
48ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1074328-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 12:54:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1836
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Feb 2023 14:54:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 126ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CY2P7GV1R5&gtm=45je32f0&_p=379685610&cid=320377729.1676553921&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676553921&sct=1&seg=0&dl=https%3A%2F%2Fwww.intaforensics.com%2Fincident-response%2F%3Fmsclkid%3Da72a9872a4d812fa3749fb9cab6d9114%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3Dsearch%2520-%2520incident%2520response%2Fransomware%26utm_term%3Dcyber%2520security%2520attacks%26utm_content%3Dcyber%2520security%2520incident%2520response&dt=Cyber%20Security%20Incident%20Response%20Specialists%20%7C%20IntaForensics&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY2P7GV1R5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:25:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.intaforensics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 58ms
56ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=379685610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intaforensics.com%2Fincident-response%2F%3Fmsclkid%3Da72a9872a4d812fa3749fb9cab6d9114%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3Dsearch%2520-%2520incident%2520response%2Fransomware%26utm_term%3Dcyber%2520security%2520attacks%26utm_content%3Dcyber%2520security%2520incident%2520response&ul=en-us&de=UTF-8&dt=Cyber%20Security%20Incident%20Response%20Specialists%20%7C%20IntaForensics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABBAAAACAAI~&jid=864568261&gjid=280552709&cid=320377729.1676553921&tid=UA-1074328-1&_gid=798327718.1676553921&_r=1&gtm=457e32f0&cd1=no&did=dOGY3NW&gdid=dOGY3NW&z=545035911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:25:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.intaforensics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CE82 46 KB
25 KB 69ms
68ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&co=aHR0cHM6Ly93d3cuaW50YWZvcmVuc2ljcy5jb206NDQz&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=6i5q70mv74it

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40ed3b620754515ce35c6fa1c50df04f5d2911df73dea41218c11f5973edd5d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HXz7yzDrAbIP0NQMcabY9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25480
content-security-policy: script-src 'report-sample' 'nonce-HXz7yzDrAbIP0NQMcabY9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:25:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
356 B 125ms
42ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1074328-1&cid=320377729.1676553921&jid=864568261&gjid=280552709&_gid=798327718.1676553921&_u=4CDACUAABAAAACAAI~&z=1175087818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:25:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.intaforensics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame CE82 55 KB
24 KB 152ms
51ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&co=aHR0cHM6Ly93d3cuaW50YWZvcmVuc2ljcy5jb206NDQz&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=6i5q70mv74it

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 11:08:36 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame CE82 404 KB
161 KB 150ms
50ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164579
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 13:17:19 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1074328-1&cid=320377729.1676553921&jid=864568261&_u=4CDACUAABAAAACAAI~&z=1670417513

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:25:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 195ms
76ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1074328-1&cid=320377729.1676553921&jid=864568261&_u=4CDACUAABAAAACAAI~&z=1670417513

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:25:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CE82 2 KB
2 KB 48ms
48ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:56:35 GMT
x-content-type-options: nosniff
age: 66527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:56:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE82 15 KB
16 KB 147ms
46ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 148035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 20:18:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE82 15 KB
15 KB 159ms
58ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:54:53 GMT
x-content-type-options: nosniff
age: 12629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 09:54:53 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CE82 102 B
133 B 58ms
58ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b29f19f936e72217644ab4281ffc4d75a12ed428d49b6e6f239209c4d068bafe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&co=aHR0cHM6Ly93d3cuaW50YWZvcmVuc2ljcy5jb206NDQz&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=6i5q70mv74it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 13:25:22 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame CE82 32 KB
18 KB 122ms
122ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fff593fee067ff5d013be163fec6212cf3128c9ba3ca3fea5e9f4befc2adc6be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrg6YfAAAAAAnDH5usVo3ujc46lh1qqynWu0bQ&co=aHR0cHM6Ly93d3cuaW50YWZvcmVuc2ljcy5jb206NDQz&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=6i5q70mv74it
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 16 Feb 2023 13:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18606
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 13:25:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 45ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CY2P7GV1R5&gtm=45je32f0&_p=379685610&cid=320377729.1676553921&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676553921&sct=1&seg=1&dl=https%3A%2F%2Fwww.intaforensics.com%2Fincident-response%2F%3Fmsclkid%3Da72a9872a4d812fa3749fb9cab6d9114%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3Dsearch%2520-%2520incident%2520response%2Fransomware%26utm_term%3Dcyber%2520security%2520attacks%26utm_content%3Dcyber%2520security%2520incident%2520response&dt=Cyber%20Security%20Incident%20Response%20Specialists%20%7C%20IntaForensics&en=page_view&_ee=1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY2P7GV1R5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.intaforensics.com/incident-response/?msclkid=a72a9872a4d812fa3749fb9cab6d9114&utm_source=bing&utm_medium=cpc&utm_campaign=search%20-%20incident%20response/ransomware&utm_term=cyber%20security%20attacks&utm_content=cyber%20security%20incident%20response
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.intaforensics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 14:01:45	Name: _GRECAPTCHA Value: 09AA9PpHLLdiVCKE9WwhmeAVPHhFMC5gsFhRg5nwPpL_gcJyc1_pu7Nkz5PfN4wKdzztjLpyEoMnc0IJws7r-74Ag
www.intaforensics.com/	1970-01-20 10:22:53	Name: mailchimp_landing_site Value: https%3A%2F%2Fwww.intaforensics.com%2Fincident-response%3Fmsclkid%3Da72a9872a4d812fa3749fb9cab6d9114%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_campaign%3Dsearch%2520-%2520incident%2520response%2Fransomware%26utm_term%3Dcyber%2520security%2520attacks%26utm_content%3Dcyber%2520security%2520incident%2520response
.intaforensics.com/	1970-01-20 09:44:00	Name: _uetsid Value: 5cbb5de0adfd11eda1eae1a274762eb5
.intaforensics.com/	1970-01-20 19:04:09	Name: _uetvid Value: 5cbb7860adfd11edb2fb1113ebdaa575
.intaforensics.com/	1970-01-20 11:52:09	Name: _uetmsclkid Value: _ueta72a9872a4d812fa3749fb9cab6d9114
.bing.com/	1970-01-20 19:04:09	Name: MUID Value: 2656678A0CA9670B1D7A75300D4966A2
.intaforensics.com/	1970-01-20 11:52:09	Name: _gcl_au Value: 1.1.1043352163.1676553921
.intaforensics.com/	1970-01-20 19:18:33	Name: _ga_CY2P7GV1R5 Value: GS1.1.1676553921.1.1.1676553921.0.0.0
.intaforensics.com/	1970-01-20 19:18:33	Name: _ga Value: GA1.2.320377729.1676553921
.intaforensics.com/	1970-01-20 09:44:00	Name: _gid Value: GA1.2.798327718.1676553921
.intaforensics.com/	1970-01-20 09:42:33	Name: _gat_gtag_UA_1074328_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age= 7776000; includeSubDomains; preload”

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
chimpstatic.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.intaforensics.com
176.58.103.91
2.17.177.117
2001:4860:4802:34::36
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2003
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
266f2ee4c9652cd1a4698edd5b784a9b9fe73ac4f3518f25b6dbf63fff3ef242
2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c
2e54f6c767a049caa710918593253e06ad671c12feb12771b2be69f97c3da63c
38ca61328fa2baf6be88d4b6298cee90710c2f59aaabe62c0648f4000f5ffbe4
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40ed3b620754515ce35c6fa1c50df04f5d2911df73dea41218c11f5973edd5d7
4e1cec5c31d0e78d0c388cf2393e80ba6317dd9deeadc50d85e119993f2f720e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a6bd1ca5525985a2170e48fc463c7fad3f5081445ff994fbca85c94bc1ef677
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6085cebff342b44951768658059350deb77fa1f314c43f65e37d174792939d33
613da9191f7f1c7e92c02929806bc6f7eed84c7dbc82c4903e13f84e83abf4c6
661e4232b04798d86f39d150b704ca67f3f494b26b296ea1647b0a5e721936db
6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210
7c63f3b224f5e02427b9b70f217a07c2821e642dd0041ab6320b3941fbdaa821
7eb8829a699a88c3eea34f69572d8c24c605b3bb251b0827f94e6794d45df43d
80935b08be0ad71fc9c0863846ea5bb849f48a3cf3cc511033b4f5495354004f
85e80ec4c9d82dbdfa74cd4f85b060055575320e72369598d696277ac2f9feb3
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98137adbe231182a1268dbca1bd7b8af83cce9d9ce0f543b723210260c4f5c59
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9ceaedcf582c27a9b5da7f2a91af59031b0f0bdb570b767dc0914c5e86839a08
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
b29f19f936e72217644ab4281ffc4d75a12ed428d49b6e6f239209c4d068bafe
b6a039fca196dc4bb92cd2328c22ab39f168448a3271c7727c0efea280e9ac14
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d378d7107753576c4832a13261246028eb395e1f2afaed45ce6956846a71c316
dcad6fc8fdb7fdf2bfa4213605ebf502d31746b2a2184c8335a5f4671f686e6b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4884609dd60dbbc1b5bf713061c0406bb800d81ae6cdb5aac128a12b41b6b99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
fff593fee067ff5d013be163fec6212cf3128c9ba3ca3fea5e9f4befc2adc6be

www.intaforensics.com Open in urlscan Pro 176.58.103.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

83 %IPv6

10 Domains

12 Subdomains

12 IPs

4 Countries

1268 kBTransfer

3040 kBSize

11 Cookies

5 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.intaforensics.com Open in urlscan Pro
176.58.103.91 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1268 kB
Transfer

3040 kB
Size

11
Cookies

45 HTTP transactions
0 data transactions