www.praetorian.com Open in urlscan Pro
146.148.61.165 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Effective URL:
https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Submission: On September 19 via api (September 19th 2022, 2:48:58 pm UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 22 domains to perform 62 HTTP transactions. The main IP is 146.148.61.165, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.praetorian.com.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.

This is the only time www.praetorian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	146.148.61.165 146.148.61.165	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a02:26f0:11a... 2a02:26f0:11a::6867:4851	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:20:... 2606:4700:20::681a:c98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.86.240.124 99.86.240.124	16509 (AMAZON-02) (AMAZON-02)
2	216.24.57.3 216.24.57.3	397273 (RENDER) (RENDER)
1	2600:9000:239... 2600:9000:2394:4200:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	18.66.15.100 18.66.15.100	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.78 108.156.60.78	16509 (AMAZON-02) (AMAZON-02)
2	18.171.11.4 18.171.11.4	16509 (AMAZON-02) (AMAZON-02)
2	3.11.132.212 3.11.132.212	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.255.240.59 34.255.240.59	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.50.214.14 52.50.214.14	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
62	31

13 146.148.61.165 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.61.148.146.bc.googleusercontent.com

www.praetorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:11a::6867:4851 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:c98 (United States)

ASN13335 (CLOUDFLARENET, US)

io.clickguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-124.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.3 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:4200:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.15.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-100.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-78.ams1.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.171.11.4 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-11-4.eu-west-2.compute.amazonaws.com

reveal.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.132.212 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-132-212.eu-west-2.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.240.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.214.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-214-14.eu-west-1.compute.amazonaws.com

ws31.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

lp.praetorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	praetorian.com www.praetorian.com lp.praetorian.com	410 KB
7	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852 in.hotjar.com — Cisco Umbrella Rank: 1671 ws31.hotjar.com — Cisco Umbrella Rank: 60977	105 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 430 p.typekit.net — Cisco Umbrella Rank: 577	163 KB
4	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 23563 x.clearbitjs.com — Cisco Umbrella Rank: 13309	48 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	261 KB
3	clickguard.com io.clickguard.com — Cisco Umbrella Rank: 47035	4 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3575	4 KB
2	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3106 track.hubspot.com — Cisco Umbrella Rank: 2260	2 KB
2	clearbit.com reveal.clearbit.com — Cisco Umbrella Rank: 22565 app.clearbit.com — Cisco Umbrella Rank: 13798	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6352	565 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5636 www.google.com — Cisco Umbrella Rank: 2	897 B
2	ml314.com ml314.com — Cisco Umbrella Rank: 1652	32 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3542	840 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2156	16 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4853	23 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3246	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2138	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2212	928 B
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 17576	1 KB
62	22

	Domain	Requested by
13	www.praetorian.com	www.praetorian.com
6	use.typekit.net	www.praetorian.com use.typekit.net
4	www.googletagmanager.com	www.praetorian.com www.googletagmanager.com js.hsadspixel.net
3	script.hotjar.com	static.hotjar.com script.hotjar.com www.praetorian.com
3	io.clickguard.com	www.praetorian.com io.clickguard.com
2	pi.pardot.com	www.praetorian.com pi.pardot.com
2	x.clearbitjs.com	tag.clearbitscripts.com
2	www.google.de	www.praetorian.com
2	ml314.com	www.praetorian.com ml314.com
2	grow.clearbitjs.com	www.praetorian.com
1	www.google.com
1	lp.praetorian.com	pi.pardot.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	www.google-analytics.com	x.clearbitjs.com
1	app.clearbit.com	x.clearbitjs.com
1	ws31.hotjar.com	script.hotjar.com
1	forms.hubspot.com	js.hscollectedforms.net
1	in.hotjar.com	script.hotjar.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	reveal.clearbit.com	tag.clearbitscripts.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	tag.clearbitscripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
62	33

This site contains links to these domains. Also see Links.

Domain
www.github.com
linkedin.com
twitter.com
www.facebook.com
github.com
www.youtube.com

Subject Issuer	Validity	Valid
www.praetorian.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
grow.clearbitjs.com R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
clearbitscripts.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
ml314.com GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
clearbit.com Amazon	`2022-07-28` - `2023-08-26`	a year	crt.sh
clearbitjs.com Amazon	`2022-02-18` - `2023-03-18`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
lp.praetorian.com R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Frame ID: 172A4D9F350AF4D92CF95836AACD58BF
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 06FDCDE9B9D23246004EEF698573F47E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - Praetorian

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Clearbit Reveal (Analytics) Expand

Overall confidence: 100%
Detected patterns

reveal\.clearbit\.com/v[(0-9)]/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

62
Requests

100 %
HTTPS

58 %
IPv6

22
Domains

33
Subdomains

31
IPs

6
Countries

1134 kB
Transfer

2537 kB
Size

25
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.github.com/praetorian-inc/
Title: GithubPraetorian is committed to opensourcing as much of our research as possible. Explore Development Projects

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/praetorian
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/praetorianlabs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/praetorianlabs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://github.com/praetorian-inc
Title: Github

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PraetorianLabs
Title: Youtube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/ 55 KB
13 KB 1398ms
975ms Document
text/html 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.61.148.146.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: f53e5905a6dcd6b38600443002422947dc0923e02086424f088a4fbc7d79aa33

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 14:48:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.praetorian.com/wp-json/>; rel="https://api.w.org/"
pragma: no-cache
server: nginx
vary: Accept-Encoding Accept-Encoding
x-cache: MISS
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine

GET
H2 200 autoptimize_7416d6242c1b2cc9eef1fd71a4e935dd.css
www.praetorian.com/wp-content/cache/autoptimize/css/ 200 KB
38 KB 190ms
189ms Stylesheet
text/css 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_7416d6242c1b2cc9eef1fd71a4e935dd.css

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

6b7ff1bfbac107898c4ca926d8c0363f98dbe44a711a0f9734683513de005900

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
content-encoding: br
last-modified: Fri, 16 Sep 2022 17:36:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6324b436-32122"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';

GET
H2 200 yng4pbv.css
use.typekit.net/ 8 KB
1 KB 212ms
52ms Stylesheet
text/css 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/yng4pbv.css?ver=6.0.2

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

75834bf25783a12726294009beb5fb6b3aef5f9102975397c170054869fd1be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 19 Sep 2022 14:48:47 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1083

GET
H/1.1 200
OK VXreAtOk Show response
io.clickguard.com/s/cHJvdGVjdG9y/ 8 KB
3 KB 203ms
149ms Script
application/javascript 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/s/cHJvdGVjdG9y/VXreAtOk
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 91d03403e569d7b22b7d926a34923d81eaadee35f7956c5eb35325532ad3752a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

CF-RAY: 74d31fd24d85bb86-FRA
Date: Mon, 19 Sep 2022 14:48:47 GMT
via: 1.1 google
etag: W/"1e8f-tSMAyLC/SiFjgVhHkhZkUbnC9tA"
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
x-powered-by: Express
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBfSs%2BmL3nyb0%2FbzNNHjkHNJBJfeRLcz6KDIDWwx%2B7sUd8vYqLSWoEafUATDRY8gkx7%2BGdDZJIVagPCTMMoAwHq9DwAhpI7cciO7735Byn19a6cKkBfYDx1au2T6KjqIm7s7ox1ZWlGWriNgD6nj"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive
Content-Encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 autoptimize_e6eb52aae1df94d27d6de67c2a1f0ac7.js Show response
www.praetorian.com/wp-content/cache/autoptimize/js/ 141 KB
45 KB 157ms
157ms Script
application/javascript 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.praetorian.com/wp-content/cache/autoptimize/js/autoptimize_e6eb52aae1df94d27d6de67c2a1f0ac7.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

14baedfe731f2382e164a3203d6e2c30f429af9eea015b916a28ccdcdaa634a7

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
content-encoding: br
last-modified: Fri, 16 Sep 2022 17:36:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6324b436-232eb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
66 KB 91ms
38ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

314dc77e43e812b7ba29ea887b8d51f4260fac07b6a32ea3908182582e9fef1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67451
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 14:48:47 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 164ms
31ms Stylesheet
text/css 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=yng4pbv&ht=tk&f=26911.26913.34691.34692.34693.34697.34701.36466.36470.36471.36473&a=23300812&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 19 Sep 2022 14:48:47 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 btn-arrow.svg
www.praetorian.com/wp-content/themes/studio-simpatico/svgs/ 2 KB
1 KB 273ms
271ms Image
image/svg+xml 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/themes/studio-simpatico/svgs/btn-arrow.svg

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_7416d6242c1b2cc9eef1fd71a4e935dd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

1b52c6a2e51fe8d9a185649b9b7cffb2c1862ec60cf612070432c1ac4109c06e

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_7416d6242c1b2cc9eef1fd71a4e935dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
content-encoding: br
last-modified: Thu, 27 Jan 2022 13:04:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"61f29855-7f2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';

GET
H2 200 l
use.typekit.net/af/e40556/00000000000000007735adbc/30/ 44 KB
45 KB 432ms
341ms Font
application/font-woff2 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e40556/00000000000000007735adbc/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a60e4a6f8b89cbd1debcd7f90a0e60099a7caa9490a3c5305b18cb094c53dd4b

Request headers

Referer: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
server: nginx
etag: "f3cafd088bc07c2d3ded8cc91e0729be713189cf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45396

GET
H2 200 l
use.typekit.net/af/3f03c1/00000000000000003b9ad13e/27/ 21 KB
21 KB 128ms
37ms Font
application/font-woff2 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3f03c1/00000000000000003b9ad13e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b475b2648fbcf6b9f1535198a5f52c11dc0bb9ed88bbf93d39eb1be9a391edc4

Request headers

Referer: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
server: nginx
etag: "1a48bcc440a68538029c6482155125eab9fb73c6"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21352

GET
H2 200 l
use.typekit.net/af/09940c/00000000000000007735a996/30/ 26 KB
26 KB 133ms
42ms Font
application/font-woff2 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/09940c/00000000000000007735a996/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 417debb36c2433e8aac621b9b88cef9aee936879ee30051b8724b606bcc84fd9

Request headers

Referer: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
server: nginx
etag: "accde79d00f44e34fcec986689bcda82817c4a98"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26132

GET
H2 200 l
use.typekit.net/af/3f8415/00000000000000007735a9bb/30/ 25 KB
26 KB 147ms
57ms Font
application/font-woff2 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3f8415/00000000000000007735a9bb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97c93526e3f8fe46ecf144bbe83442d7e0d6458021d47039b7db77b32918f530

Request headers

Referer: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
server: nginx
etag: "8cb803a20ad97d966652b2c079d44eb6f5146fdd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25940

GET
H2 200 Chariot-Logo.svg
www.praetorian.com/wp-content/uploads/2022/02/ 3 KB
2 KB 246ms
245ms Image
image/svg+xml 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2022/02/Chariot-Logo.svg

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

4428a47170425dfb56f55eeb89852100d69b0593853b78773d97a70752e100db

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 22:51:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"620adce1-cc1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';

GET
H2 200 watermark-footer.svg
www.praetorian.com/wp-content/themes/studio-simpatico/svgs/ 6 KB
3 KB 239ms
239ms Image
image/svg+xml 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/themes/studio-simpatico/svgs/watermark-footer.svg

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_7416d6242c1b2cc9eef1fd71a4e935dd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

202f0d4e1127ce8b1a3029ac6724c6c081d5b7936b0c81ea3f42862618fc22c6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/wp-content/cache/autoptimize/css/autoptimize_7416d6242c1b2cc9eef1fd71a4e935dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:47 GMT
content-encoding: br
last-modified: Thu, 27 Jan 2022 13:04:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"61f29854-16ff"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';

GET
H2 200 l
use.typekit.net/af/7c9acc/00000000000000007735adc8/30/ 44 KB
45 KB 391ms
336ms Font
application/font-woff2 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7c9acc/00000000000000007735adc8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b084305ba75c61a6309a9dec021937b5d7674640f9017527dda68bf72312e882

Request headers

Referer: https://use.typekit.net/yng4pbv.css?ver=6.0.2
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
server: nginx
etag: "16adcf7e4da5d53f928f7fcda315b413887cac41"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45284

GET
H2 200 image.jpg.webp
www.praetorian.com/wp-content/uploads/2021/01/ 43 KB
44 KB 224ms
218ms Image
image/webp 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2021/01/image.jpg.webp

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

1e1cff7b71708735b4aa00f65e0a6e58356ceb38cef6518ec1057851412de6da

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 23:31:47 GMT
server: nginx
etag: "6297f6e3-ad20"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Mon, 19 Sep 2022 14:48:47 GMT
accept-ranges: bytes
content-length: 44320

GET
H2 200 ides-of-march-1200x629.jpeg.webp
www.praetorian.com/wp-content/uploads/2022/03/ 70 KB
70 KB 221ms
217ms Image
image/webp 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2022/03/ides-of-march-1200x629.jpeg.webp

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

4252c45b60a9c94b5e4f01c83ce4f62038c7b48adee68eec4712d79d5c4363e4

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 19:23:52 GMT
server: nginx
etag: "6297bcc8-11654"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Mon, 19 Sep 2022 14:48:47 GMT
accept-ranges: bytes
content-length: 71252

GET
H2 200 twitter-video-hero-1200x671.png.webp
www.praetorian.com/wp-content/uploads/2021/10/ 40 KB
41 KB 221ms
218ms Image
image/webp 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2021/10/twitter-video-hero-1200x671.png.webp

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

e487c527af59ef640bc5753d3ee3da95239121aa83fcfe03050e4ed2e0a433c8

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 19:57:07 GMT
server: nginx
etag: "6297c493-a192"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Mon, 19 Sep 2022 14:48:48 GMT
accept-ranges: bytes
content-length: 41362

GET
H2 200 Logo-Still-changes.png.webp
www.praetorian.com/wp-content/uploads/2021/01/ 41 KB
41 KB 221ms
218ms Image
image/webp 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2021/01/Logo-Still-changes.png.webp

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

a9aa50ca74942bdd9fe577cdeebdb8d41ad05ee4e07341b8e6ae6b54806c54e6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 23:07:35 GMT
server: nginx
etag: "6297f137-a390"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Mon, 19 Sep 2022 14:48:48 GMT
accept-ranges: bytes
content-length: 41872

GET
H2 200 5f4e24119b1cc51bca570bf4_remote-work-500x333-1.jpg.webp
www.praetorian.com/wp-content/uploads/2021/01/ 31 KB
31 KB 246ms
243ms Image
image/webp 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2021/01/5f4e24119b1cc51bca570bf4_remote-work-500x333-1.jpg.webp

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

f9f13d733f7a0219223482afdfc394562d2ac7795627ee937fdef9ff6747c8f1

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 23:43:54 GMT
server: nginx
etag: "6297f9ba-7a9c"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Mon, 19 Sep 2022 14:48:48 GMT
accept-ranges: bytes
content-length: 31388

GET
H2 200 virtual-search-hero.png.webp
www.praetorian.com/wp-content/uploads/2021/10/ 78 KB
78 KB 247ms
244ms Image
image/webp 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/uploads/2021/10/virtual-search-hero.png.webp

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

d89dbefbf96b416ff7de0731ef737fe9636f85ef121b9673ddc4cbba8da119a6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 19:50:09 GMT
server: nginx
etag: "6297c2f1-136dc"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
date: Mon, 19 Sep 2022 14:48:48 GMT
accept-ranges: bytes
content-length: 79580

GET
H2 200 logo-footer.svg
www.praetorian.com/wp-content/themes/studio-simpatico/svgs/ 6 KB
2 KB 247ms
245ms Image
image/svg+xml 146.148.61.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.praetorian.com/wp-content/themes/studio-simpatico/svgs/logo-footer.svg

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

165.61.148.146.bc.googleusercontent.com

Software

nginx /

Resource Hash

a76538234c074b11702550272f6a00d8ef76f6908e99cd0ca6dc011733ad24fa

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .praetorian.com .google.com .youtube.com .greenhouse.io .doubleclick.net .twitter.com .hsforms.com .hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
last-modified: Thu, 27 Jan 2022 13:04:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"61f29856-1710"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';

POST
H/1.1 200
OK VXreAtOk Show response
io.clickguard.com/r/cHJvdGVjdG9y/ 0
668 B 155ms
154ms XHR
text/plain 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/VXreAtOk
Requested by: Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/VXreAtOk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.praetorian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 19 Sep 2022 14:48:48 GMT
via: 1.1 google
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
x-powered-by: Express
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZOf3Lm3EAuodUqWroQi7BExm2yM6rEHjR7BG4VUzjU%2Fd7owpkrkqKdQm%2BAW%2FpAZvfUQdxrGREyxPGQZ%2BDcjztcnZ34G45Z9HyynFXo8hxMni0SZSMHKpugLmtmA0VXGw2SI2n%2FJpRPIYntgKyFg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 74d31fd49835696a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0

OPTIONS
H/1.1 200
OK VXreAtOk
io.clickguard.com/r/cHJvdGVjdG9y/ Frame 0
0 193ms
146ms Preflight
text/html 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/VXreAtOk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.praetorian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 74d31fd3ad55696a-FRA
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Sep 2022 14:48:48 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yla3QF1EQ89NJAQCE7kRkbN%2FMLv8%2FukJUVXhm8a6p3OvsAbY%2FLq1VqYrHF%2ByYtmdYCDeBdE8q6wGuyqXz68eF61JN4IePeDhtLcbL7k%2BbRQZArj5c%2BmsJyexdqmN1qTNDS0PAXaOhkzeRjYwKjFg"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST
via: 1.1 google
x-powered-by: Express

GET
H2 200 hotjar-2851712.js Show response
static.hotjar.com/c/ 7 KB
3 KB 192ms
86ms Script
application/javascript 99.86.240.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2851712.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-124.vie50.r.cloudfront.net

Software

Resource Hash

5ea1b400fee3cae446d8894224ea79c1fc576260e6f93141627f42352ddd022f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C1
x-cache-hit: 1
date: Mon, 19 Sep 2022 14:48:48 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: eUL6HE1B2CSdW7VELMJXF0gN5MHJT74h20J1rphKJz5WQgk_OUsHVA==
etag: W/d8e8c54b9a312512df1a7aa1f637d362

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
979 B 320ms
206ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1663598927975

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 19 Sep 2022 14:48:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 74d31fd4a9c2bbeb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/ 2 KB
1 KB 319ms
201ms Script
application/javascript 2600:9000:2394:4200:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/tags.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:4200:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

d09dd91f77cdc653bba4d14727b2ceebb04438a2828232b47b2a866d5ed05e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-amz-cf-pop: AMS1-P2
etag: W/"aadf18321fb5091088f518b11ecffcf8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 01abec7ece24959c09067a58477de9ee.cloudfront.net (CloudFront)
cache-control: private, max-age=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-id: SCIUaffKxJHhm-QZuwW_nqmnFjNtvvivr6-v4NKd9u6R6xSXilrOMg==

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 80ms
24ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?198
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:05:48 GMT
age: 2580
x-guploader-uploadid: ADPycdvmG4dAYYB08rqrSCdssg5rca2X_mkGMHCBsKbvxydJa3eZUXPtecJd5Zo33PBE6x1Kcrx2yIY2Vo2RWjAYPVH_JBNLZg8O
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "fe36d3317b1b052708eb2260e253aa63"
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
x-goog-generation: 1660081747697868
cache-id: FRA-fa985ced
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 22265125.js Show response
js.hs-scripts.com/ 2 KB
928 B 208ms
146ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/22265125.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476fa0ad6788d253d1b3f99728b3263fcf41e2207fc47a1021e88a3b01004e8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 14:10:25 GMT
server: cloudflare
x-hubspot-correlation-id: 45847254-bb00-45da-ac48-4bfea28c0f1e
x-trace: 2B8FE9FDC479122B68573D8515D8F38812004304C9000000000000000000
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.praetorian.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 74d31fd448f792b9-FRA
expires: Mon, 19 Sep 2022 14:49:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19543c54dc1164a9a6b321da652573c1f81f68a3f74630bd6a0f42b5705184e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75381
x-xss-protection: 0
expires: Mon, 19 Sep 2022 14:48:48 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
349 B 90ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WG4YYDQ1NH&gtm=2oe9e0&_p=939836975&_gaz=1&cid=1143669331.1663598928&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663598928&sct=1&seg=0&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&dt=Page%20not%20found%20-%20Praetorian&en=page_view&_fv=1&_nsi=1&_ss=1&up.ClearbitTrafficType=Non-Company&up.ClearbitCompanyName=Non-Company&up.ClearbitCompanyDomain=Non-Company&up.ClearbitIndustry=Non-Company&up.ClearbitHQCountry=Non-Company&up.ClearbitHQState=Non-Company&up.ClearbitHQCity=Non-Company&up.ClearbitEmployeeRange=Non-Company&up.ClearbitEstimatedRevenueRange=Non-Company
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.praetorian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 84ms
26ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WG4YYDQ1NH&cid=1143669331.1663598928&gtm=2oe9e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG4YYDQ1NH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.praetorian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 98ms
48ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WG4YYDQ1NH&cid=1143669331.1663598928&gtm=2oe9e0&aip=1&z=1425744209

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ 62 B
81 B 98ms
43ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89211&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&pv=1663598928082_t04a8j3rg&bl=en-us&cb=872222&return=&ht=&d=&dc=&si=1663598928082_t04a8j3rg&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?198
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:47 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 modules.d00377d3a043900eb4ef.js Show response
script.hotjar.com/ 252 KB
65 KB 132ms
43ms Script
application/javascript 18.66.15.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d00377d3a043900eb4ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2851712.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-100.vie50.r.cloudfront.net

Software

Resource Hash

f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 13:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 437981
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65532
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 13:08:33 GMT
etag: "74e062f975f5935c93ae5aff80efbd87"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5Hk8RiuysyyaOexAKE-G2YqE4le4yLoR33U1J9qbb7pJKv1DBkJ6yQ==

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 06FD 2 KB
1 KB 97ms
25ms Document
text/html 108.156.60.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2851712.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-78.ams1.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.praetorian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1056701
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
x-amz-cf-id: 1V2svQaC1SacZM7LehyZZqp21XK1M47FoALom2eGb7qdGP15napbdw==
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 c.gif
grow.clearbitjs.com/api/ 35 B
239 B 249ms
204ms Image
image/gif 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&c=direct

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
date: Mon, 19 Sep 2022 14:48:48 GMT
vary: Accept-Encoding
content-type: image/gif
cf-ray: 74d31fd638739b22-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 402 reveal
reveal.clearbit.com/v1/companies/ 0
0 304ms
204ms Script
application/json 18.171.11.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reveal.clearbit.com/v1/companies/reveal?authorization=pk_a49fe994c44a9c991691f43c10330c9f&callback=revealCallback
Requested by: Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.171.11.4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-11-4.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_a49fe994c44a9c991691f43c10330c9f/ 4 KB
2 KB 436ms
285ms Script
application/javascript 3.11.132.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_a49fe994c44a9c991691f43c10330c9f/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.132.212 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-132-212.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

2bfb1e1c4057079dcefa97cd251ccdb15c633712a582bcc4a2545b627614f4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
vary: Accept-Encoding

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_a49fe994c44a9c991691f43c10330c9f/ 168 KB
45 KB 402ms
251ms Script
application/javascript 3.11.132.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_a49fe994c44a9c991691f43c10330c9f/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_a49fe994c44a9c991691f43c10330c9f/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.132.212 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-132-212.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

bc1d7e65438fdb7005a96ab4a6e9740631496037f0b7fe7f39be088a8eefb8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
vary: Accept-Encoding

GET
H2 200 22265125.js Show response
js.hs-analytics.net/analytics/1663598700000/ 63 KB
20 KB 237ms
181ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1663598700000/22265125.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22265125.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70aa6f5340d1be5228e5cb1b95a80fd1f49f0cbab5413f336bb609ab550c118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2RQJG3J6E1QQ1G97
x-amz-server-side-encryption: AES256
cf-ray: 74d31fd64f929b31-FRA
x-amz-id-2: 2ZzqmYPrEyEPpwGdglDTM9KP7HeI/s0kZiJJqAjh08RYJHyEHeCes9HfvCyBKIU3fB9Z3o+cCrg=
last-modified: Mon, 19 Sep 2022 14:12:44 GMT
server: cloudflare
etag: W/"35f784067b300d2f493d6cdff769c26a"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 19 Sep 2022 14:53:48 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 103ms
39ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22265125.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad96268c084f73bfd7caff9b12708aaa3958f5b691852a66ca6edbff5cbb3b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
via: 1.1 52e479c500405e4e5b36d8a25429d06c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 559
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.292/bundles/pixels-release.js&cfRay=74d3122ee9299948-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 19 Sep 2022 01:19:12 UTC
server: cloudflare
etag: W/"3ddb5311061af493bf45a46ad102035c"
vary: Accept-Encoding
x-amz-version-id: _ilLjO_Ic2VuI1NjCMpRRtVJyLlc7j3G
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD55-P5
cf-ray: 74d31fd65e0a9b39-FRA
x-amz-cf-id: 965RLiW2qIdU_NTphCnlYuI-biZDqpn-jOpRz2DStp_YOeTINzyhZA==
x-hs-target-asset: adsscriptloaderstatic/static-1.292/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 100ms
37ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22265125.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://www.praetorian.com/
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
via: 1.1 87e02820e63ff6cf9cd98d9efbaab1fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 64845
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74ccf0b7db11903d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74d31fd6594a9030-FRA
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
content-type: application/javascript; charset=utf-8
x-amz-cf-id: KuMOYo4SB-kmjB_tVx467s0rx-6UN81Ul6GDu-f2j3TvadUovmrvVA==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 22265125.js Show response
js.hs-banner.com/ 60 KB
16 KB 574ms
514ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/22265125.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22265125.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3441578a649531c4db5d5e0f390f9a4a3f3f802169e87416d79dacb46258e511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: SAZ26MGFDR0RP3VN
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: EtzYBKIUTvtxEqZmMNxYtXRi0BxJ9/RzqRDFbm+kZmzg5408n6OhLE29abObdCzJPSnIJ1rQ8eU=
timing-allow-origin: *
last-modified: Sat, 17 Sep 2022 12:39:54 GMT
server: cloudflare
etag: W/"fa8f34538cd8ea86e44a62544a297778"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: wk4y0Hpz8JdcGzyxtjPsjouZSvOdXV6i
access-control-allow-origin: https://www.praetorian.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 74d31fd659a59b69-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 19 Sep 2022 14:53:48 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2851712/ 148 B
322 B 163ms
44ms XHR
application/json 34.255.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2851712/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.240.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2

Request headers

Referer: https://www.praetorian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 preact-incoming-feedback.80272908b8664ba09960.js Show response
script.hotjar.com/ 161 KB
33 KB 33ms
33ms Script
application/javascript 18.66.15.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.80272908b8664ba09960.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-100.vie50.r.cloudfront.net

Software

Resource Hash

32ee7f14318443dfad000b8cdcaf5105c6a1b210ce3a2b528ec1787d9eb1298e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1050640
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 33065
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "e63c912777edcaad0561bd0db8bd772f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OweBWy05EDCP_CG0CjWRAhELTmetFj_37O7nYafNpBy_0g-GVS13iA==

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 116 B
1 KB 208ms
151ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=22265125&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0d70fc8d72adca6ac200b5c41dd5c4de7c928eb236734944ab1674aef2b7ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.praetorian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b51eeaa3-3342-4156-895f-61d683d1abf0
cf-ray: 74d31fd73995bc03-FRA
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiXk3LXQE2kWiWhs44ynouwHBNpdDEjRpGVNGvPqSyUxHY0KhkOWE9nnMvYKum3YgwOhhztrNOs8Pe6hFsV9QLiYKcp4LACXXPblpV1eYsCM9P9iqCsAa%2FVhBcPwUmB0J%2BSCkyDnsVnzoEqvQQ4X"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.praetorian.com
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 92ms
29ms Font
font/woff2 18.66.15.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-100.vie50.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.praetorian.com/
Origin: https://www.praetorian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2454713
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 10:35:32 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
via: 1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: goULhK42WAqZJxUKJkgrSi6_N1riLFoTPaNKFCdzrxFdxjTjij9zxg==

POST
H2 200 content Show response
ws31.hotjar.com/api/v2/sites/2851712/recordings/ 66 B
257 B 321ms
50ms XHR
application/json 52.50.214.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws31.hotjar.com/api/v2/sites/2851712/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 853bd28d3bf49b9f5b4a4988b172860ef52f7dfbc080f809a279dbcfe89f5721

Request headers

Referer: https://www.praetorian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 277ms
202ms XHR
application/json 18.171.11.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_a49fe994c44a9c991691f43c10330c9f/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.171.11.4 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-171-11-4.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.praetorian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Sep 2022 14:48:48 GMT
content-encoding: gzip
vary: Accept-Encoding
server: envoy
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://api.segment.io https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.praetorian.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: Authorization, API-Version, Content-Type
x-content-type-options: nosniff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_a49fe994c44a9c991691f43c10330c9f/destinations.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6408
date: Mon, 19 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 15:02:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
840 B 276ms
232ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=22265125

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c2e83d1d35019781e2acaf633af1a85b4093587444e600636f72cf6c0ccd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 61275648-a981-4363-8d61-8991a4a7cca3
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B433B3EED8871543C0869A0AD6B519ED60E791F17000000000000000000
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1aDdcqEVOtNnOf0LK26rEJRdDt8yZsSgraooEAmiGPR1l4NLCGNKbEfuWWaY6WwiGJjZFOeYVTvKIDNTi0HZWWzSUvXQHRKTcKS%2BHv9cRRHGc3Nf7CGkkcOYbSJtHzr7v2tDsKKgFGJSMd%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.praetorian.com
access-control-allow-credentials: false
cf-ray: 74d31fd9de3e9bee-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 399ms
104ms Script
application/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Wed, 14 Sep 2022 05:18:17 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Wed, 18 Sep 2024 14:48:49 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
891 B 250ms
196ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=22265125&pu=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&t=Page+not+found+-+Praetorian&cts=1663598928891&vi=853f64d7d6fb1f061c7ea42dd94bd383&nc=true&u=185921974.853f64d7d6fb1f061c7ea42dd94bd383.1663598928888.1663598928888.1663598928888.1&b=185921974.1.1663598928888&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dac5c41c-84f7-4916-9ea7-559953e0d36b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKsKHV0NztpFydgV2giduUFmGsRqpTBi7VvTOmMYHhhaChM3EXzeNqcRb7DfK9%2BoRcpGbEL9%2BsZWRfO9Egs3v0DYe%2FPD9EGPXOWRahXK5mwnT02KrCX5sf6XTzHWruOjBbSWMj2RBWbMixZSTAf3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 74d31fd9fcca994a-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973478582

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5d65a13642febb8ad1075993c2e014c79efca9f7dcc61cbac58acd903b93c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61809
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 14:48:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973478582&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SGWLT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f36d577aa2e3f5443857c3d60e1105ab8dbc0878b7df1d0ce6794e27bb00a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61806
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 14:48:49 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 229ms
121ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973478582

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 14:48:49 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 274ms
274ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=76408&account_id=875901&title=Page%20not%20found%20-%20Praetorian&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

59dc634d8cdd38ca2c862bd06c157e6876cb6afd6075494bf01e1be1a49a3e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Connection: keep-alive
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Content-Length: 536
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973478582/ 2 KB
2 KB 123ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973478582/?random=1663598929500&cv=9&fst=1663598929500&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&tiba=Page%20not%20found%20-%20Praetorian&auid=1460421415.1663598928&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9183343b6692b30d9b383f9958a4ea4d06d35da8cf9ffbaf190cd82df912830b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics Show response
lp.praetorian.com/ 50 B
1 KB 485ms
193ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.praetorian.com/analytics?conly=true&visitor_id=316327579&visitor_id_sign=3bab45184d66e3cd6e8db955c6b99de8a794a9fbe6948bb228d89940e32053fc3651e42abdebd26bf7a907fe71854d8daebb61bd&pi_opt_in=&campaign_id=76408&account_id=875901&title=Page%20not%20found%20-%20Praetorian&url=https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=76408&account_id=875901&title=Page%20not%20found%20-%20Praetorian&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 19 Sep 2022 14:48:49 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/973478582/ 42 B
548 B 127ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973478582/?random=1663598929500&cv=9&fst=1663596000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&tiba=Page%20not%20found%20-%20Praetorian&async=1&fmt=3&is_vtc=1&random=3112486007&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/973478582/ 42 B
64 B 129ms
32ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/973478582/?random=1663598929500&cv=9&fst=1663596000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fpart-2-adapting-%25E2%2580%25A6tunistic-attacks%2F&tiba=Page%20not%20found%20-%20Praetorian&async=1&fmt=3&is_vtc=1&random=3112486007&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.praetorian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:48:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.praetorian.com/	1970-01-20 08:16:14	Name: _gcl_au Value: 1.1.1460421415.1663598928
.praetorian.com/	1970-01-20 15:42:38	Name: _ga_WG4YYDQ1NH Value: GS1.1.1663598928.1.0.1663598928.60.0.0
.praetorian.com/	1970-01-20 15:42:38	Name: _ga Value: GA1.1.1143669331.1663598928
.praetorian.com/	1970-01-20 14:52:14	Name: _hjSessionUser_2851712 Value: eyJpZCI6ImJiY2UxNWUyLTdiY2ItNTgyYi05NzJkLWZlODU2NDNlZDkxMCIsImNyZWF0ZWQiOjE2NjM1OTg5MjgzNzAsImV4aXN0aW5nIjpmYWxzZX0=
.praetorian.com/	1970-01-20 06:06:40	Name: _hjFirstSeen Value: 1
www.praetorian.com/	1970-01-20 06:06:39	Name: _hjIncludedInSessionSample Value: 1
.praetorian.com/	1970-01-20 06:06:40	Name: _hjSession_2851712 Value: eyJpZCI6IjUwZjExMTUyLTIxMTItNGJlOS04YjVmLTQxNTEzMGE2ZDMzMyIsImNyZWF0ZWQiOjE2NjM1OTg5MjgzODcsImluU2FtcGxlIjp0cnVlfQ==
www.praetorian.com/	1970-01-20 06:06:39	Name: _hjIncludedInPageviewSample Value: 1
.praetorian.com/	1970-01-20 06:06:40	Name: _hjAbsoluteSessionInProgress Value: 0
.praetorian.com/	1970-01-20 14:52:14	Name: cb_user_id Value: null
.praetorian.com/	1970-01-20 14:52:14	Name: cb_group_id Value: null
.praetorian.com/	1970-01-20 14:52:14	Name: cb_anonymous_id Value: %2296b948bd-c5c4-4ccf-a53d-f3c3a480f233%22
.praetorian.com/	1970-01-20 10:25:50	Name: __hstc Value: 185921974.853f64d7d6fb1f061c7ea42dd94bd383.1663598928888.1663598928888.1663598928888.1
.praetorian.com/	1970-01-20 10:25:50	Name: hubspotutk Value: 853f64d7d6fb1f061c7ea42dd94bd383
.praetorian.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.praetorian.com/	1970-01-20 06:06:40	Name: __hssc Value: 185921974.1.1663598928888
.hubspot.com/	1970-01-20 06:06:40	Name: __cf_bm Value: OAoJkGRfK__MRE9UHpfB60ef_3tnZhNdDUZJBa4v2UA-1663598929-0-AYjJ/2MKobGq0Ide5YKgCvxfVbHu/ZSGWM18+sgA9hfWvLsHtLdYdZ6f35KRTRsoWdcL1QSpLjhL0Rw+iw8hLRU=
.pardot.com/	1970-01-20 15:42:38	Name: visitor_id874901 Value: 316327579
.pardot.com/	1970-01-20 15:42:38	Name: visitor_id874901-hash Value: 3bab45184d66e3cd6e8db955c6b99de8a794a9fbe6948bb228d89940e32053fc3651e42abdebd26bf7a907fe71854d8daebb61bd
pi.pardot.com/	1970-01-20 06:06:40	Name: lpv874901 Value: aHR0cHM6Ly93d3cucHJhZXRvcmlhbi5jb20vYmxvZy9wYXJ0LTItYWRhcHRpbmctJUUyJTgwJUE2dHVuaXN0aWMtYXR0YWNrcy8%3D
www.praetorian.com/	1970-01-20 15:42:38	Name: visitor_id874901 Value: 316327579
www.praetorian.com/	1970-01-20 15:42:38	Name: visitor_id874901-hash Value: 3bab45184d66e3cd6e8db955c6b99de8a794a9fbe6948bb228d89940e32053fc3651e42abdebd26bf7a907fe71854d8daebb61bd
.doubleclick.net/	1970-01-20 06:06:39	Name: test_cookie Value: CheckForPermission
lp.praetorian.com/	1970-01-20 15:42:38	Name: visitor_id874901 Value: 316327579
lp.praetorian.com/	1970-01-20 15:42:38	Name: visitor_id874901-hash Value: 3bab45184d66e3cd6e8db955c6b99de8a794a9fbe6948bb228d89940e32053fc3651e42abdebd26bf7a907fe71854d8daebb61bd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.praetorian.com/blog/part-2-adapting-%E2%80%A6tunistic-attacks/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://reveal.clearbit.com/v1/companies/reveal?authorization=pk_a49fe994c44a9c991691f43c10330c9f&callback=revealCallback Message: Failed to load resource: the server responded with a status of 402 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
app.clearbit.com
forms.hubspot.com
googleads.g.doubleclick.net
grow.clearbitjs.com
in.hotjar.com
io.clickguard.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
lp.praetorian.com
ml314.com
p.typekit.net
pi.pardot.com
region1.analytics.google.com
reveal.clearbit.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tag.clearbitscripts.com
track.hubspot.com
use.typekit.net
vars.hotjar.com
ws31.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.praetorian.com
x.clearbitjs.com
108.156.60.78
142.250.185.162
146.148.61.165
18.171.11.4
18.208.125.13
18.66.15.100
2001:4860:4802:34::36
216.24.57.3
2600:9000:2394:4200:7:d7d6:3c40:93a1
2606:4700:20::681a:c98
2606:4700:4400::6812:21ab
2606:4700::6811:45b0
2606:4700::6811:71b0
2606:4700::6811:81ab
2606:4700::6811:c8cc
2606:4700::6811:d5cc
2606:4700::6813:9b53
2a00:1450:4001:801::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:828::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9d
2a02:26f0:11a::6867:4851
2a02:26f0:11a::6867:4868
3.11.132.212
3.92.120.28
34.111.234.236
34.255.240.59
52.50.214.14
99.86.240.124
14baedfe731f2382e164a3203d6e2c30f429af9eea015b916a28ccdcdaa634a7
19543c54dc1164a9a6b321da652573c1f81f68a3f74630bd6a0f42b5705184e5
1b52c6a2e51fe8d9a185649b9b7cffb2c1862ec60cf612070432c1ac4109c06e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e1cff7b71708735b4aa00f65e0a6e58356ceb38cef6518ec1057851412de6da
202f0d4e1127ce8b1a3029ac6724c6c081d5b7936b0c81ea3f42862618fc22c6
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2bfb1e1c4057079dcefa97cd251ccdb15c633712a582bcc4a2545b627614f4b2
314dc77e43e812b7ba29ea887b8d51f4260fac07b6a32ea3908182582e9fef1c
32ee7f14318443dfad000b8cdcaf5105c6a1b210ce3a2b528ec1787d9eb1298e
3441578a649531c4db5d5e0f390f9a4a3f3f802169e87416d79dacb46258e511
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
417debb36c2433e8aac621b9b88cef9aee936879ee30051b8724b606bcc84fd9
4252c45b60a9c94b5e4f01c83ce4f62038c7b48adee68eec4712d79d5c4363e4
4428a47170425dfb56f55eeb89852100d69b0593853b78773d97a70752e100db
46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2
476fa0ad6788d253d1b3f99728b3263fcf41e2207fc47a1021e88a3b01004e8f
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
59dc634d8cdd38ca2c862bd06c157e6876cb6afd6075494bf01e1be1a49a3e25
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5e0d70fc8d72adca6ac200b5c41dd5c4de7c928eb236734944ab1674aef2b7ce
5ea1b400fee3cae446d8894224ea79c1fc576260e6f93141627f42352ddd022f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7ff1bfbac107898c4ca926d8c0363f98dbe44a711a0f9734683513de005900
75834bf25783a12726294009beb5fb6b3aef5f9102975397c170054869fd1be3
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7f36d577aa2e3f5443857c3d60e1105ab8dbc0878b7df1d0ce6794e27bb00a0b
853bd28d3bf49b9f5b4a4988b172860ef52f7dfbc080f809a279dbcfe89f5721
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
9183343b6692b30d9b383f9958a4ea4d06d35da8cf9ffbaf190cd82df912830b
91d03403e569d7b22b7d926a34923d81eaadee35f7956c5eb35325532ad3752a
97c93526e3f8fe46ecf144bbe83442d7e0d6458021d47039b7db77b32918f530
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a60e4a6f8b89cbd1debcd7f90a0e60099a7caa9490a3c5305b18cb094c53dd4b
a76538234c074b11702550272f6a00d8ef76f6908e99cd0ca6dc011733ad24fa
a9aa50ca74942bdd9fe577cdeebdb8d41ad05ee4e07341b8e6ae6b54806c54e6
ad96268c084f73bfd7caff9b12708aaa3958f5b691852a66ca6edbff5cbb3b97
b084305ba75c61a6309a9dec021937b5d7674640f9017527dda68bf72312e882
b475b2648fbcf6b9f1535198a5f52c11dc0bb9ed88bbf93d39eb1be9a391edc4
bc1d7e65438fdb7005a96ab4a6e9740631496037f0b7fe7f39be088a8eefb8ac
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c5d65a13642febb8ad1075993c2e014c79efca9f7dcc61cbac58acd903b93c12
c70aa6f5340d1be5228e5cb1b95a80fd1f49f0cbab5413f336bb609ab550c118
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d09dd91f77cdc653bba4d14727b2ceebb04438a2828232b47b2a866d5ed05e82
d89dbefbf96b416ff7de0731ef737fe9636f85ef121b9673ddc4cbba8da119a6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e1c2e83d1d35019781e2acaf633af1a85b4093587444e600636f72cf6c0ccd03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e487c527af59ef640bc5753d3ee3da95239121aa83fcfe03050e4ed2e0a433c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
f53e5905a6dcd6b38600443002422947dc0923e02086424f088a4fbc7d79aa33
f9f13d733f7a0219223482afdfc394562d2ac7795627ee937fdef9ff6747c8f1
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

www.praetorian.com Open in urlscan Pro 146.148.61.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

58 %IPv6

22 Domains

33 Subdomains

31 IPs

6 Countries

1134 kBTransfer

2537 kBSize

25 Cookies

6 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.praetorian.com Open in urlscan Pro
146.148.61.165 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

58 %
IPv6

22
Domains

33
Subdomains

31
IPs

6
Countries

1134 kB
Transfer

2537 kB
Size

25
Cookies

62 HTTP transactions
0 data transactions