pratum.com Open in urlscan Pro
192.124.249.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpq...
Effective URL:
https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz...
Submission: On December 02 via api (December 2nd 2021, 6:04:05 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 27 domains to perform 116 HTTP transactions. The main IP is 192.124.249.57, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is pratum.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 23rd 2021. Valid for: a year.

This is the only time pratum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1e69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	192.124.249.57 192.124.249.57	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ddcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:b672	13335 (CLOUDFLAR...) (CLOUDFLARENET)
116	34

2 2606:4700::6812:1e69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d1337p04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 192.124.249.57 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10057.sucuri.net

pratum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ddcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:b672 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent40.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	pratum.com pratum.com	4 MB
14	google.com www.google.com apis.google.com accounts.google.com	147 KB
14	hubspot.com no-cache.hubspot.com cta-service-cms2.hubspot.com forms.hubspot.com api.hubspot.com track.hubspot.com app.hubspot.com	32 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
5	hsappstatic.net static.hsappstatic.net	258 KB
5	hsforms.com forms.hsforms.com perf.hsforms.com	4 KB
3	google.de www.google.de	719 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	162 KB
3	hsforms.net js.hsforms.net	295 KB
2	hubspotusercontent40.net f.hubspotusercontent40.net	81 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	62 KB
2	hubspotlinks.com 1 redirects d1337p04.na1.hubspotlinks.com	3 KB
1	hubapi.com api.hubapi.com	939 B
1	linkedin.com platform.linkedin.com	61 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
1	hscta.net js.hscta.net	6 KB
1	googleapis.com fonts.googleapis.com	1021 B
116	27

	Domain	Requested by
39	pratum.com	d1337p04.na1.hubspotlinks.com pratum.com
7	apis.google.com	pratum.com apis.google.com accounts.google.com
6	www.google.com	pratum.com js.hsleadflows.net apis.google.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	track.hubspot.com
4	platform.twitter.com	pratum.com platform.twitter.com
3	perf.hsforms.com	pratum.com
3	www.google.de	pratum.com
3	api.hubspot.com	js.usemessages.com static.hsappstatic.net
3	js.hsforms.net	pratum.com js.hsforms.net
2	f.hubspotusercontent40.net
2	syndication.twitter.com	platform.twitter.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	cta-service-cms2.hubspot.com	js.hscta.net
2	forms.hsforms.com	js.hsforms.net pratum.com
2	www.google-analytics.com	pratum.com www.google-analytics.com
2	www.googletagmanager.com	pratum.com js.hsadspixel.net
2	netdna.bootstrapcdn.com	pratum.com netdna.bootstrapcdn.com
2	d1337p04.na1.hubspotlinks.com	1 redirects
1	ssl.gstatic.com	accounts.google.com
1	accounts.google.com	apis.google.com
1	www.gstatic.com	www.google.com
1	app.hubspot.com	js.usemessages.com
1	api.hubapi.com	js.hsadspixel.net
1	platform.linkedin.com	pratum.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js.hs-scripts.com	pratum.com
1	js.hscta.net	pratum.com
1	no-cache.hubspot.com	pratum.com
1	fonts.googleapis.com	pratum.com
116	39

This site contains links to these domains. Also see Links.

Domain
secureiowaconference.com
www.dmacc.edu
www.efcoforms.com
info.pratum.com
www.twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
pratum.com Go Daddy Secure Certificate Authority - G2	`2021-06-23` - `2022-06-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2020-07-03` - `2022-07-08`	2 years	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
Frame ID: 890B83FC218CFE60EB9CA011BB8D19A7
Requests: 95 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 100190A2D3A734BEB6578BD9608C5D43
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8984595/threads/utk/80c3522c70f940deb65762f6aea893a0?uuid=ebda824d3b4c4478bb92f83edfc30925&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pratum.com&inApp53=false&messagesUtk=80c3522c70f940deb65762f6aea893a0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: DF602E076A19BDDCF913CA4517EB9060
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpratum.com
Frame ID: EF4611E3052C4D8C3BD6C64877B1F938
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: B4032D044C0E4A21B2E7CD800E861A6E
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&annotation=none&action=share&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: 004D8F273287ABC942AD3C0B3D9670A4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 993CCCB6EDEB7A0BF585813F1AAC26FF
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpratum.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: 89DF813C8F2FFEDC462D57BF5A382FC9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lessons Learned from Ransomware Attacks - Pratum

Page URL History Show full URLs

https://d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-W... Page URL
https://d1337p04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmK... HTTP 307
https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=1902... Page URL

Page Statistics

116
Requests

100 %
HTTPS

91 %
IPv6

27
Domains

39
Subdomains

34
IPs

3
Countries

5296 kB
Transfer

8555 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://secureiowaconference.com/
Title: 2021 Secure Iowa Conference

Search URL Search Domain Scan URL

URL: https://www.dmacc.edu/Pages/welcome.aspx
Title: Des Moines Area Community College

Search URL Search Domain Scan URL

URL: https://www.efcoforms.com/
Title: EFCO

Search URL Search Domain Scan URL

URL: https://info.pratum.com/ransomware-poster?__hstc=&__hssc=&hsCtaTracking=d736db32-2f97-449e-8bb8-0fa7ce0da92e%7Cb5fb5bca-8a4d-4786-a2ad-349d05703a2e

Search URL Search Domain Scan URL

URL: https://info.pratum.com/cs/c/?cta_guid=b5fb5bca-8a4d-4786-a2ad-349d05703a2e&signature=AAH58kEmMjD6SxdhobYqu7aARg7L7G7gBA&placement_guid=d736db32-2f97-449e-8bb8-0fa7ce0da92e&click=a1542982-8185-4e32-9b24-cb99d00aa4d0&hsutk=8f3fb441cb2af1cf11003495753e35ad&canon=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&portal_id=8984595&redirect_url=APefjpGdU9TpdB9LF7BDwtOhaYWfc28yLRUmHxnxrrKBHgnXbmvF6Mb_vYUTQklND0vbRawDfHI2tFZ1F7JOAXfWJ7BYkuV4nWw1mJgMczDL8zugdka7ZsRFBwv4bxX-RWn2iTdZxMSt&__hstc=240358044.8f3fb441cb2af1cf11003495753e35ad.1638468236685.1638468236685.1638468236685.1&__hssc=240358044.1.1638468236685&__hsfp=808429732
Title: Get Poster

Search URL Search Domain Scan URL

URL: https://www.twitter.com/pratumsecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pratum/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q35CmMkZW8cTfD_7mhd_NW6MKWl23kGJsYVJ9b7k5KNRjpW8lRJ3N7q1HvTW5rdgzv1f82V3W436S328P3LsSW8cK2Rh8_g5hWW3whQ2R8KNRN2W14txNr8jyH2qW4-6L3-5LpCK8W7B4QNM376BVHVW-ZFz1hMJNZN3Y3HqFxm_PKW4nlJ3N16lZY8W8l3QYC6vssC0N9kBK75cWH0qW8qDw6b5YyvG2W4JxrNw1QX5r4W837Fbg4Xp5v9W7dfV3g2k2yTxW91NgCv47y_tLN6rmS50JVtY338yj1 Page URL
https://d1337p04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q35CmMkZW8cTfD_7mhd_NW6MKWl23kGJsYVJ9b7k5KNRjpW8lRJ3N7q1HvTW5rdgzv1f82V3W436S328P3LsSW8cK2Rh8_g5hWW3whQ2R8KNRN2W14txNr8jyH2qW4-6L3-5LpCK8W7B4QNM376BVHVW-ZFz1hMJNZN3Y3HqFxm_PKW4nlJ3N16lZY8W8l3QYC6vssC0N9kBK75cWH0qW8qDw6b5YyvG2W4JxrNw1QX5r4W837Fbg4Xp5v9W7dfV3g2k2yTxW91NgCv47y_tLN6rmS50JVtY338yj1?_ud=eac554cb-e477-4551-b52b-aa13c6d5c792&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q35CmMkZW8cTfD_7mhd_NW6MKWl23kGJsYVJ9b7k5KNRjpW8lRJ3N7q1HvTW5rdgzv1f82V3W436S328P3LsSW8cK2R... Show response
d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/ 9 KB
3 KB 623ms
508ms Document
text/html 2606:4700::6812:1e69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q35CmMkZW8cTfD_7mhd_NW6MKWl23kGJsYVJ9b7k5KNRjpW8lRJ3N7q1HvTW5rdgzv1f82V3W436S328P3LsSW8cK2Rh8_g5hWW3whQ2R8KNRN2W14txNr8jyH2qW4-6L3-5LpCK8W7B4QNM376BVHVW-ZFz1hMJNZN3Y3HqFxm_PKW4nlJ3N16lZY8W8l3QYC6vssC0N9kBK75cWH0qW8qDw6b5YyvG2W4JxrNw1QX5r4W837Fbg4Xp5v9W7dfV3g2k2yTxW91NgCv47y_tLN6rmS50JVtY338yj1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c45d498184f68da18ab20d368ede7d0a6e1c36560a6a50517699da5404e7af7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 02 Dec 2021 18:03:53 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: ae66037f-3674-41f8-b018-f806a324bf23
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b767979e99705bb-FRA
content-encoding: br

GET
H2

403

Primary Request 517-lessons-learned-from-ransomware-attacks Show response
pratum.com/blog/
Redirect Chain

https://d1337p04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q...
https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHn...

45 KB
14 KB

890ms
695ms

Document
text/html

192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email

Requested by

Host: d1337p04.na1.hubspotlinks.com
URL: https://d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q35CmMkZW8cTfD_7mhd_NW6MKWl23kGJsYVJ9b7k5KNRjpW8lRJ3N7q1HvTW5rdgzv1f82V3W436S328P3LsSW8cK2Rh8_g5hWW3whQ2R8KNRN2W14txNr8jyH2qW4-6L3-5LpCK8W7B4QNM376BVHVW-ZFz1hMJNZN3Y3HqFxm_PKW4nlJ3N16lZY8W8l3QYC6vssC0N9kBK75cWH0qW8qDw6b5YyvG2W4JxrNw1QX5r4W837Fbg4Xp5v9W7dfV3g2k2yTxW91NgCv47y_tLN6rmS50JVtY338yj1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

7a1134a52b0aad0e551e07e05fc010b1376ff284e7f76579f397a59d13f34429

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d1337p04.na1.hubspotlinks.com/Btc/5E+20185/d1337p04/VWpH597pDNn4W1gvmNf2fZmKkW3LfLlX4BBTdwN6-TN-k3lScmV1-WJV7CgPYvW35Syxz2RQpqdW4Z8_wQ1Wq5LzW3rz-9-65MZ8fW7w44Q35CmMkZW8cTfD_7mhd_NW6MKWl23kGJsYVJ9b7k5KNRjpW8lRJ3N7q1HvTW5rdgzv1f82V3W436S328P3LsSW8cK2Rh8_g5hWW3whQ2R8KNRN2W14txNr8jyH2qW4-6L3-5LpCK8W7B4QNM376BVHVW-ZFz1hMJNZN3Y3HqFxm_PKW4nlJ3N16lZY8W8l3QYC6vssC0N9kBK75cWH0qW8qDw6b5YyvG2W4JxrNw1QX5r4W837Fbg4Xp5v9W7dfV3g2k2yTxW91NgCv47y_tLN6rmS50JVtY338yj1

Response headers

server: nginx
date: Thu, 02 Dec 2021 18:03:54 GMT
content-type: text/html; charset=utf-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
permissions-policy: interest-cohort=()
content-encoding: gzip
vary: Accept-Encoding
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 02 Dec 2021 18:03:55 GMT
x-sucuri-cache: MISS

Redirect headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-robots-tag: none
link: <https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email>; rel="canonical"
location: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
referrer-policy: no-referrer
x-hubspot-correlation-id: aabfadf9-0a03-4958-b95e-a8c7321e185b
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b76797d483905bb-FRA

GET
H2 200 bootstrap.min.css
pratum.com/templates/avendor/css/ 107 KB
107 KB 63ms
62ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/bootstrap.min.css

Requested by

Host: pratum.com
URL: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 109522
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.3.0/css/ 28 KB
6 KB 176ms
75ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 8699403
cdn-cachedat: 2021-07-24 16:53:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2df1db1c1bde5cb32a4cae1ba297613a
cf-ray: 6b767986bc7e2bdd-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 avendor-light.css
pratum.com/templates/avendor/css/ 104 KB
105 KB 140ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/avendor-light.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

858a841eeb944e8246888743c6aad09d3591f56986d7e4a8ef7a5f61c5d6c9b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Dec 2020 16:24:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 106683
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 joomla.css
pratum.com/templates/avendor/css/ 25 KB
25 KB 140ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/joomla.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

3a9cbcbec8f6ed3bbe0262a9354405bd8855566f0340a5044a49b4febf4ae91d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 25447
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avendor-font-styles.css
pratum.com/templates/avendor/css/ 108 KB
108 KB 140ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/avendor-font-styles.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

869ac15c910a336a380f77c870aeb154ee77d1c56e6450dd0d7b85877b2b4bc1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 110446
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.css
pratum.com/templates/avendor/css/ 75 KB
76 KB 140ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/animate.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

f348544fc10b4a29072e8eaf28d831cf9ab23e274d30b16825c1acfd3418832e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 77166
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 options.css.php
pratum.com/templates/avendor/css/ 9 KB
9 KB 533ms
531ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/options.css.php?c1=007398&c2=0099cc&c3=&c4=&bg=bg-custom

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

69d6d79ddea8e76e73fe6c9ce4f47d45a1cb469abf497c49ef573f3fed046dd5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
x-sucuri-cache: BYPASS
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
x-xss-protection: 1; mode=block

GET
H2 200 overrider.css
pratum.com/templates/avendor/css/ 3 KB
3 KB 140ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/overrider.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

3b892aba7aa482b252130b67278e4bdeabb56afab3440ea345ad4f6d3cbb4e0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 19:09:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 3155
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
pratum.com/templates/avendor/css/ 167 B
475 B 140ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/css/custom.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

6dd19753205a348c50fce29f867f3b02c1daac5f8874fe3ab37d5574502a70de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 May 2020 18:27:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1021 B 231ms
70ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2961ef025e9598bbc17229d642d373a9eb7feaa927ac1149a1bfc546d31caed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 16:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 18:03:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 18:03:55 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
pratum.com/templates/avendor/js/ 94 KB
94 KB 140ms
138ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery-1.11.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 95786
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
pratum.com/plugins/content/fastsocialshare/style/ 2 KB
2 KB 139ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/plugins/content/fastsocialshare/style/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

020d1a573669e72a8e8683c79172d665c5715159411eca3be5ad54bc154d5895

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 1830
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 prat.css
pratum.com/plugins/system/cookiehint/css/ 921 B
1 KB 139ms
138ms Stylesheet
text/css 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/plugins/system/cookiehint/css/prat.css?d167659280380cb1c68256ebb65d604a

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

8f57f926ba6c5873973da65dafa127b5a10efcaa3bd2dbc08b9f7a8cb066fad6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 May 2019 21:06:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 921
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 caption.js Show response
pratum.com/media/system/js/ 491 B
809 B 139ms
138ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/media/system/js/caption.js?d167659280380cb1c68256ebb65d604a

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Oct 2021 07:46:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 491
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.js Show response
pratum.com/media/system/js/ 9 KB
9 KB 139ms
139ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/media/system/js/core.js?d167659280380cb1c68256ebb65d604a

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Oct 2021 07:46:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 8735
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 keepalive.js Show response
pratum.com/media/system/js/ 462 B
780 B 139ms
139ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/media/system/js/keepalive.js?d167659280380cb1c68256ebb65d604a

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Oct 2021 07:46:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 462
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 227ms
114ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-869024229

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cea89fee36e45693d430ef41dc08299b0d3c49b62770f1cef3cc00b9fef96a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39569
x-xss-protection: 0
expires: Thu, 02 Dec 2021 18:03:55 GMT

GET
H2 200 Pratum-web-menu-logo.png
pratum.com/images/logo/ 9 KB
9 KB 64ms
62ms Image
image/png 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/logo/Pratum-web-menu-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

b33647812966e950d652ec553e1ae58cd5d46f61b5309ff74cbaf8bd0db0254e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Apr 2020 16:49:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 8883
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 October_Blog_Week2_Feature_Pratum_20210817_RXX.jpg
pratum.com/images/blog/ 205 KB
206 KB 311ms
309ms Image
image/jpeg 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/blog/October_Blog_Week2_Feature_Pratum_20210817_RXX.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

7acf8adc8ed69c8de8f0c3b8ba32897c8201b39ab68223f3fa484c94cf53ae60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 14:54:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 210199
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Rob-Denson-DMACC.png
pratum.com/images/blog/ 53 KB
53 KB 311ms
309ms Image
image/png 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/blog/Rob-Denson-DMACC.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

4159adb159bd3ce8e56501564c97171537c1a6cd48d8e8ee8c4453a0978d2700

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 15:16:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 53778
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Scott-Walter-EFCO.png
pratum.com/images/blog/ 59 KB
60 KB 663ms
662ms Image
image/png 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/blog/Scott-Walter-EFCO.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

2555424ecfc90180df475a215ea34a32455c2fe3b9c20a88b1df83a99598fe29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 15:19:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 60682
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ransomware_Poster_Shadow_Pratum_20210628_IXX.png
pratum.com/images/blog/ 55 KB
56 KB 664ms
662ms Image
image/png 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/blog/Ransomware_Poster_Shadow_Pratum_20210628_IXX.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

c1782fa8e45f6ea2ec2e384d9118f79b606e3fcbbb7c0db7c31f50aea7f68cd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 15:59:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 56506
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d736db32-2f97-449e-8bb8-0fa7ce0da92e.png
no-cache.hubspot.com/cta/default/8984595/ 2 KB
3 KB 236ms
203ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/8984595/d736db32-2f97-449e-8bb8-0fa7ce0da92e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5b10708fb9e73452045a368ed9ae9b4a46eacb91c026770f729816875d3759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y9Z0EDJZPWDEYES9
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1680
x-amz-id-2: Z5oNt5E7ETHnDfALxjeiPyKckuqzmhEkEMJJX5EzFu/kOlJVBkXsQnPPhLIjLeXv+40D8dQVAro=
last-modified: Thu, 05 Aug 2021 15:09:43 GMT
server: cloudflare
etag: "9599df9783e2eda0d3ab03a69bd0a7d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbfkMEUvLmumj%2Bb6Zds2PnujIuD8nB0deBVcBrNIggl%2FgNAy2H%2BnrnxVkOgERaRHqKkQMYXoDKvBMvJ2BcPBrE3ZAR4Mq5JzfOTBuh9RWP9rIgn8PWGNRvHlFhHtB02SF86%2BE%2BnRCH0U9eaDdx84LvRJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 6b767989b93a5b68-FRA

GET
H2 200 current.js Show response
js.hscta.net/cta/ 15 KB
6 KB 94ms
43ms Script
application/javascript 2606:4700::6811:ddcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ddcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

139ef45414de3cfdd6f9f835e1c6c823e272077d681e1f7002ad2337adfe763e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
via: 1.1 615f410a3a080a335933e9fa08c15261.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 431
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.68/bundles/current.js&cfRay=6b766f027a866940-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 30 Nov 2021 01:08:26 UTC
server: cloudflare
etag: W/"cfafba4e004c0a83b025f7c53b683b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 6ptpsjcKAFwLr0kxY4mzTNXp0BbdP5LF
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b767988190505d0-FRA
x-amz-cf-id: LlhQE3Bz9RxF8QP1eGkk8X1jFvaxiEOHY_JdRoJ0sIC0QHOG3M6VTQ==
x-hs-target-asset: cta-embed-js/static-1.68/bundles/current.js

GET
H2 200 v2-legacy.js Show response
js.hsforms.net/forms/ 21 KB
8 KB 50ms
31ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2-legacy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8496b904ded0ea8472d611839277a6a8091398ededfd2aa6b57f2eba97a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 99
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 22 Nov 2021 03:35:42 UTC
server: cloudflare
etag: W/"cb5aceb381ddfd649db465a31c789ea3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NVnJwmd7Nltl%2FuVJLl6xEQ3Zs3jCK9hFFKY3zTDTf1GZk4Te2PIhCi7ISCrmOOC5F3GU17orBC8S5aG7u%2FemaEiWuq2GZbMD1JQW8%2FJqu5cAIlnQJu4fUHLIsaMvDjypzGFFRGwHLWSZjuH"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1JCfWRzqW5_w9KUGhEAT_rwjHWhio5cA
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b7679886add4e6d-FRA
x-amz-cf-id: LWIP-pI-1F6LXiFH9O3H0ECu6zWYirTB6TFnWrMj5yp7Uoyyzpko7g==
x-hs-target-asset: FormsNext/static-5.415/bundles/legacy.js

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 565 KB
143 KB 30ms
29ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302ecfd3dcafa8174d1609465dda4fdaf6150d74883e8fddd3944e4d03cfa7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 22 Nov 2021 03:35:42 UTC
server: cloudflare
etag: W/"81d36b7b25dcbaadd300923b7cd32d2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFTnxDpGR8yePUFZXpWO4EKtmTryStaaCwzHhOmtzFPfcARtjjHQIa9VWee9qICNzZUoPei1ex9DfqjqJ3ocNaG4zz59aSh74MkvWsLtX84sNKN0Mf5B1%2BZsY%2BQOX6rXle0lLzdF7yrjmRaI"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: DbFNkSWAQliTMR.LcB9YoOy1wsVfAP3h
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b767988ab504e6d-FRA
x-amz-cf-id: -3cnlpeQvlE0cpz5JOswA7diwKoiyqDkLS3gR_0AQ2PHVFdBB2Orlw==
x-hs-target-asset: FormsNext/static-5.415/bundles/project_with_deps.js

GET
H2 200 Pratum_Primary_White_Gradient_F.svg
pratum.com/images/logo/ 378 KB
379 KB 64ms
62ms Image
image/svg+xml 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/logo/Pratum_Primary_White_Gradient_F.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

cdd181db7783304f7ba9fcc1890d17482e4513d995d2ad522390b48ebfe2c2b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 21:47:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 387554
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
pratum.com/templates/avendor/js/ 31 KB
31 KB 15ms
14ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 31824
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.countdown.js Show response
pratum.com/templates/avendor/js/ 4 KB
4 KB 14ms
14ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.countdown.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

1823ecd2a8994f9d78e310dd5716bc7532b95c68db40ee69fb35b05ee09aea58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 4014
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.queryloader2.min.js Show response
pratum.com/templates/avendor/js/ 13 KB
13 KB 14ms
14ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.queryloader2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

2fc32c6620e847577a044afffca63a5003226db0085534477e6fdf5012c5e0fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 12930
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SmoothScroll.js Show response
pratum.com/templates/avendor/js/ 15 KB
15 KB 14ms
14ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/SmoothScroll.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

661f13b4f4113a7586e0bc41c176010b085fc233eb44d0f60616ca00c0e7d5fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 14897
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.stickOnScroll.js Show response
pratum.com/templates/avendor/js/ 18 KB
18 KB 14ms
14ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.stickOnScroll.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

c224282471c8dce39b4177897bb65314ebebd61cf1137a439b20372a0792a74b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 18311
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.easing.min.js Show response
pratum.com/templates/avendor/js/ 5 KB
6 KB 17ms
16ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.easing.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 5555
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livicons-1.4.min.js Show response
pratum.com/templates/avendor/js/ 594 KB
595 KB 15ms
14ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/livicons-1.4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

bbf83f7a7557c776594fd31827585c9e86e97909cae65bd4fa5637fc502760b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 608378
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raphael-min.js Show response
pratum.com/templates/avendor/js/ 89 KB
89 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/raphael-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

2aac45af52da68ebf3c21a445208b8ce755dc8caa52ce4f411bb1821e1614334

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 90656
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.stellar.min.js Show response
pratum.com/templates/avendor/js/ 12 KB
13 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.stellar.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

f5610dca639dfbc602be3ad30b5e98bff001f6f61d4ce0a618fe8ae3e6906059

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 12637
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.js Show response
pratum.com/templates/avendor/js/ 38 KB
39 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/owl.carousel.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

14e619a4bceb4cafa0cf1832e59d42897bdf87be967a4781d8b5f3bb8852702a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 39174
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.countTo.js Show response
pratum.com/templates/avendor/js/ 3 KB
3 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.countTo.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

474754d75548fad740bb581e4b0596cb9a1c0b47cfc03f8a6e273cc6da9b9080

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 2581
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
pratum.com/templates/avendor/js/ 20 KB
21 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.magnific-popup.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

29649dd5311ae06eb0639f2655f35be5da744bf41556d1a1c32d326994d77869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 20950
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jQuery.Opie.Tooltip.min.js Show response
pratum.com/templates/avendor/js/ 6 KB
7 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jQuery.Opie.Tooltip.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

c745fa43ed937d94efa0c13eb43061475d7f0c76fb765e7f12522da3bda8f6a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 6504
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.waypoints.min.js Show response
pratum.com/templates/avendor/js/ 8 KB
8 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.waypoints.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

bc12b83b7c153e06b04925531383849c2dcaa682b2637b7606b0dd513e0806b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 8071
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.easypiechart.min.js Show response
pratum.com/templates/avendor/js/ 4 KB
4 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/jquery.easypiechart.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

c51fcea6c8ef9450d9c9029c3cadebffa2e80a89561fbe1c42c58ca37b835818

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 3627
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application.js Show response
pratum.com/templates/avendor/js/ 13 KB
14 KB 64ms
62ms Script
application/javascript 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://pratum.com/templates/avendor/js/application.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

008948cbaff4ddbfe3153c6088c5205b73c3803563cf97a55a47359623f496f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 13612
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8984595.js Show response
js.hs-scripts.com/ 3 KB
1 KB 250ms
217ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8984595.js
Requested by: Host: pratum.com
URL: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1970f68c5da573ed3b6fb8c5421f9c34cdee55cbdd7fa8118c39e8a4f85a5600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: acde9b46-119c-43c4-b18c-7c466742d766
last-modified: Thu, 02 Dec 2021 17:14:46 GMT
server: cloudflare
x-trace: 2B6CEC3730C2D873E7C0B75194ED334E0D05184615000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://pratum.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6b767989bbf26927-FRA
expires: Thu, 02 Dec 2021 18:04:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 205ms
93ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1732
date: Thu, 02 Dec 2021 17:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 02 Dec 2021 19:35:03 GMT

GET
H2 200 custom.jpg
pratum.com/templates/avendor/images/bg/ 32 KB
33 KB 59ms
59ms Image
image/jpeg 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/templates/avendor/images/bg/custom.jpg

Requested by

Host: pratum.com
URL: https://pratum.com/templates/avendor/css/joomla.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

76518149098afc793e282f63849efbfd20711d0d5d8bc6f09a51f8eaa1945181

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/templates/avendor/css/joomla.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:31:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 33204
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 keyboard-overlay-blog.jpg
pratum.com/images/parallax/ 1 MB
1 MB 58ms
58ms Image
image/jpeg 192.124.249.57
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pratum.com/images/parallax/keyboard-overlay-blog.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.57 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10057.sucuri.net

Software

nginx /

Resource Hash

dac349cb18248475f6221e4c2276603715e03d34051c82e7b9aeba9f49433bb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 14:38:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19007
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 1548868
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 49ms
23ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.css
Origin: https://pratum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617, 617
age: 1273443
cdn-cachedat: 2021-06-08 21:22:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56780
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 01d2553c4ff366764fbd33c560986089
accept-ranges: bytes
cf-ray: 6b767989be535c92-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ 21 KB
21 KB 201ms
96ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pratum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 21:14:30 GMT
x-content-type-options: nosniff
age: 247765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 21:14:30 GMT

GET
H2 200 85b0fc5b-5430-4eb9-897e-f27cfc8edcb6 Show response
forms.hsforms.com/embed/v3/form/8984595/ 8 KB
3 KB 271ms
168ms Script
application/javascript 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8984595/85b0fc5b-5430-4eb9-897e-f27cfc8edcb6?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cde9f25ef0e11eb88158033c8529b7ae1cd2be136e7b48a8097a7b76f837886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 6cff33b4-d21b-4d38-a3c4-50a598e85139
cf-ray: 6b76798a7de6d6c9-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B8751CB17E458FACE837D0319276B353B952438AE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 4 KB
2 KB 465ms
464ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&pid=8984595&sv=cta-embed-js-static-1.68&utm_medium=email&rdy=1&df=t&pg=d736db32-2f97-449e-8bb8-0fa7ce0da92e

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30991bb24af455a1c15d8cda99ca72addb1027b5963104b6af0b73e5ff28539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7a28c61b-a0df-42d2-aa5d-d863de5594e9
access-control-allow-methods: OPTIONS, GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2B58BD1B708354BF172F4525A568AA5B7F2785A68C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMzqW8K6i6JlOXKoD6x1N2rYuFHbzF5afot4ydFpdz5m67W%2Bv5276dEEk2FzSLb9YsDe38%2F0jfS7K8m9EALAtIFxj55P0iJbjnz25hV62AvcATG4GAYj%2B15VhJ%2Fqe%2B6yc0ZJFOWJwkLUvrJ90%2BkBSXJHz639BoF1mb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pratum.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6b76798b2c435b68-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 122ms
65ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8984595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768e9f571558630520b67b0e5cbd1906edbbe0d47a4b8270bbbf1147da30c1a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
via: 1.1 b9d1b307966c2273bf97ed7c681603db.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 78
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9460/bundles/project.js&cfRay=6b7677a42d522bad-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 01 Dec 2021 08:10:15 UTC
server: cloudflare
etag: W/"b3a6c7ed04580e98000c3a5a624db248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _jOiiD.XOuBgizKr1hEb1wt0v8fSgzSl
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b76798b999d6967-FRA
x-amz-cf-id: QOuu7I6BYZU8tDiA4mRk1V4-u614sg-Mvwh-_N9wZu-sByNXydXo1A==
x-hs-target-asset: conversations-embed/static-1.9460/bundles/project.js

GET
H2 200 8984595.js Show response
js.hs-analytics.net/analytics/1638468000000/ 62 KB
20 KB 225ms
172ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1638468000000/8984595.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8984595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a032f9e4253882ca45f7746d796299ff521490c6c2e005b1548872f41115b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: F5RDEHQ8KXEHKW7T
x-amz-server-side-encryption: AES256
cf-ray: 6b76798b8ab44309-FRA
x-amz-id-2: d+Tkc8a9tzJexYwWg4KCQka6oNZZ4+WmxulKcg3AGpyYLUYXpizO2tqkk8bBe1fzZRbwfXvvrM4=
last-modified: Mon, 19 Jul 2021 17:04:51 GMT
server: cloudflare
etag: W/"801451c15b3dd4a08e4943b813d3465c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 02 Dec 2021 18:08:56 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 102ms
45ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8984595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dba18667e56c12b93a48df1a19f7c7da2fb7f9a3a4b0e580960bb6a64588475

Request headers

Referer: https://pratum.com/
Origin: https://pratum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca5.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 8298
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1063/bundle/main/lead-flows-release.js&cfRay=6b75aef7a97c5b44-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6b76798b9cfc7025-FRA
last-modified: Tue, 30 Nov 2021 11:18:22 UTC
server: cloudflare
etag: W/"a96dad1dd2dff1317409cbd098185a46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 3qUnnow7jasz4fmPMONhN9sYmw77KMcS
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: C20EolPsUrK64EOa4zy01IPiRCjNeHuJ_j0p6aqY5LB73d04u5bA6A==
x-hs-target-asset: lead-flows-js/static-1.1063/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
26 KB 67ms
31ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8984595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0d5fd4e0f669039bc633a2756906a92f37e5e1c814ee52ff553087053a8af2

Request headers

Referer: https://pratum.com/
Origin: https://pratum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
via: 1.1 199b065e4c1253c9590e1b5e57083906.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 8298
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.253/bundles/project.js&cfRay=6b75aef6583f5c7a-FRA
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6b76798b7d070631-FRA
last-modified: Thu, 02 Dec 2021 02:02:12 UTC
server: cloudflare
etag: W/"d27aa230fd3eb65f4283442feff0f8f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 1eWHGaiikU6EykksaY2toL.UK9cF4mfr
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: kzwrbHobO8n6lwn-xl9HnSOt51lSwpRN54H_9_0YgQGa5KqgWyeJJA==
x-hs-target-asset: collected-forms-embed-js/static-1.253/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 95ms
41ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8984595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830fcab93c12b9ad2a820fed85e456077ed189a100a59b3080fd807d844eeef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 111
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.257/bundles/pixels-release.js&cfRay=6b7676d5ea7e6987-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 29 Nov 2021 05:24:28 UTC
server: cloudflare
etag: W/"a5963a9ccf6657b39b543985ec7b9634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: QEftXf9SpA6LuHCJA7K_EhxXH0zSJ6Zm
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b76798b9b374dfa-FRA
x-amz-cf-id: cP_Clf2MlboYRicia3JPkUz-4_5kj-4WqZu663aS8gSbr5TqvNFtbQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.257/bundles/pixels-release.js

GET
H2 200 8984595.js Show response
js.hs-banner.com/ 60 KB
16 KB 463ms
411ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8984595.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8984595.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c42999ff8deffe868bd981029631f3c46abe5e24ba62543f8548e58c8e0415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: GBGCKDXPEJC3B965
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: rJ0IEjcnoX+H6r3N8gcSD4NSIA5Q/DkkYvHHBCnfDqUIq7ulyd5tsjJ7tvzjJgJnr7awSzrjwSE=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 22:04:48 GMT
server: cloudflare
etag: W/"bc498e47728afdebf6de6cdbc3357022"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: EVYo67raF00mtT_sYsSK4BjTqpcsNr2e
access-control-allow-origin: https://www.pratum.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6b76798b8e4168f2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 02 Dec 2021 18:08:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 122ms
64ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1392783785&t=pageview&_s=1&dl=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1796655730&gjid=297436243&cid=244177243.1638468236&tid=UA-108435497-1&_gid=158143490.1638468236&_r=1&_slc=1&z=847572043

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pratum.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pratum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 185ms
69ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-869024229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Dec 2021 18:03:56 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame 1001 565 KB
144 KB 36ms
35ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302ecfd3dcafa8174d1609465dda4fdaf6150d74883e8fddd3944e4d03cfa7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 22 Nov 2021 03:35:42 UTC
server: cloudflare
etag: W/"81d36b7b25dcbaadd300923b7cd32d2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwEEDrxEPfiJGpRKYpf%2BWPzpYe2ucHFJO%2BKPmyiSPbuSOGadBI9qx6efaTWQtHI0ojUL%2BdYRNdfQgWmLh0%2FBBoCayrh7f9fzlfhJsgpG7dw7bU8JS8CcaARzQhk8ARK%2FZC59D0SPwuG7X6W0"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: DbFNkSWAQliTMR.LcB9YoOy1wsVfAP3h
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b76798baa664ab5-FRA
x-amz-cf-id: -3cnlpeQvlE0cpz5JOswA7diwKoiyqDkLS3gR_0AQ2PHVFdBB2Orlw==
x-hs-target-asset: FormsNext/static-5.415/bundles/project_with_deps.js

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 213ms
134ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8984595&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b3f238133590a4f711d8347b2bc826f8d7a596ce810844f501eff3f16cb027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://pratum.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d80c7956-6d8c-434b-8e9e-3d622350f507
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkXOjA6g1X6O%2FETTf1n9dFHeCcW13tXrzrtB1DV%2BqYQsp1SU%2BguqZiZaN11wG911YxB9%2BuwVKEHjZIzQjIFa%2B3QvbgoxNfyUD3qkAzo8RRARz%2B0WRkEHFA6p6HST8qqT9Tzwxz1wRsLzPNkF9DhG"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pratum.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6b76798c7a5a4a5c-FRA
access-control-allow-headers: *

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 257ms
243ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=8984595&conversations-embed=static-1.9460&mobile=false&messagesUtk=80c3522c70f940deb65762f6aea893a0&traceId=80c3522c70f940deb65762f6aea893a0

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

231c763b6d37ec6c743d03fe4a6857354f0b04e24d16d7f93ea96f7bdad3d0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://pratum.com/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a3569fcb-baa5-4ef9-9373-9afa5b4c837d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1559
server: cloudflare
x-trace: 2B3FDA64A413AE7A1563F0221016AC5A23E9D1B2B5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwJSevG%2FL2q6GyaF8Dpb9gDEJkB6VrOyhbYloWqFzw15mBIenTqLmV12ghOC8LDdWTGD0i4mbRgWKxvn9McHeZArBVkKILwhaWKDg4OAB4q3q6xiluUwWQs2CNkIkkuY5tN1XgdeFlM9%2BcQbSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pratum.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6b76798dda80c2bd-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 258ms
179ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://pratum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6b76798c9ef94e49-FRA
access-control-allow-origin: https://pratum.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 09b3dfcb-71e4-4619-b877-fc8e061095f6
x-trace: 2B816DEF9026EB057F80B6C7D2D6A3F454E602ECF4000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFNRosumlLlraZMtChFvcMHbh72Np%2BA8jhe7AgYmt7a2KO%2B6zl1JxYRjWzRj3hlrZYiajRCcRJ%2B3h15No4VtwQmYyg%2F%2FMcSoZ24X%2FsC32B3sq%2B3s4Wwe9kUwUpsJNxentbkhJz82Gl60sTooOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 93ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108435497-1&cid=244177243.1638468236&jid=1796655730&gjid=297436243&_gid=158143490.1638468236&_u=IEBAAEAAAAAAAC~&z=1339550570

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pratum.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 02 Dec 2021 18:03:56 GMT
content-type: text/plain
access-control-allow-origin: https://pratum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 157ms
66ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108435497-1&cid=244177243.1638468236&jid=1796655730&_u=IEBAAEAAAAAAAC~&z=966033872

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 156ms
64ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108435497-1&cid=244177243.1638468236&jid=1796655730&_u=IEBAAEAAAAAAAC~&z=966033872

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/869024229/ 3 KB
2 KB 142ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/869024229/?random=1638468236299&cv=9&fst=1638468236299&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&tiba=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0fa0c1ce2db4de129e1c7789eaf5a02e1e52814ed9ba5e2c80f7dceaf0fe91d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
493 B 151ms
138ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: c179c027-1614-4550-aac1-9d529ecbacc3
x-trace: 2B777900E3E335EA24C8548EA6372D01C485B787AA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b76798dbf1b5c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H2 200 /
www.google.com/pagead/1p-user-list/869024229/ 42 B
154 B 56ms
55ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/869024229/?random=1638468236299&cv=9&fst=1638468000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&tiba=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&async=1&fmt=3&is_vtc=1&random=3423760150&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/869024229/ 42 B
154 B 55ms
55ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/869024229/?random=1638468236299&cv=9&fst=1638468000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&tiba=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&async=1&fmt=3&is_vtc=1&random=3423760150&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
778 B 167ms
154ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=8984595&pg=d736db32-2f97-449e-8bb8-0fa7ce0da92e&lt=1638468235791&dt=1638468235792&at=1638468236495&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Dec 2021 18:03:56 GMT
server: cloudflare
x-hubspot-correlation-id: 3469712f-ec69-4d03-9a75-5573bd6e771e
x-trace: 2BC4678D69BCF9D67C675B187773FEC53918F3A05C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eO7G%2Fcj1iJo9vuFlRX2lamz0KjZvw%2FUKBYUlCsrR6DJAfyNom0Ojacklezu%2FJfmSoZujkHmNR8gea8YJVJIGaLpwRsaSx6eCzM%2FFPODko7cjQ6UTiyGKtoJ8r1UlOfhlTuyP9AHHC6FDu2cIDVBSq08Ifp6ivoNTBfM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b76798e2f31693f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: noindex, follow

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
215 B 143ms
142ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: ec28bc88-f981-46b4-9893-b10262264eaf
cf-ray: 6b76798e2b52d6c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Thu, 02 Dec 2021 18:03:56 GMT
server: cloudflare
x-trace: 2B04E53FC463C243CAA90EA7E651289814E299E5A7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
171 B 181ms
181ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 8fc83cb1-6778-4264-8ab2-36f3953cfec6
cf-ray: 6b76798e2b54d6c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Thu, 02 Dec 2021 18:03:56 GMT
server: cloudflare
x-trace: 2B84F152CD11F2A6CDD5B65F5910E2880B37AF9BA6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 81ms
25ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: pratum.com
URL: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F96) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 18:03:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (pab/6F96)
Age: 1498
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 170ms
72ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bd1aa13c0678aad0a21d546ec44b63d8068279e796aad9bfce2eab4f0cd4bf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RBjUkMCGfq+o+ZwdMKV8HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "8785ac17277d68515ada6b0cece79f84"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-RBjUkMCGfq+o+ZwdMKV8HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Thu, 02 Dec 2021 18:03:56 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 201 KB
61 KB 71ms
12ms Script
text/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: pratum.com
URL: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: e052de0e53a6eb517d952968c2dc326327f967b687bb67f85fb845753a872899

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-LI-UUID: AAXSLR9hr4n6GedVPwHZvw==
Date: Thu, 02 Dec 2021 18:03:56 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-lor1-x
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 62394
X-CDN: AKAM
X-Li-Fabric: prod-lor1
Expires: Thu, 2 Dec 2021 18:28:45 GMT

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
482 B 140ms
139ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 335696be-dd09-4983-a97c-4617dbadc926
cf-ray: 6b76798f5b875c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Thu, 02 Dec 2021 18:03:56 GMT
server: cloudflare
x-trace: 2B56AA3D7AE0EAF08D64E361D56DC5ADDAF6F4A712000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
356 B 163ms
149ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=85b0fc5b-5430-4eb9-897e-f27cfc8edcb6&fci=7653ded3-5c58-440d-9e5a-a491fd02c674&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=8984595&pu=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&t=Lessons+Learned+from+Ransomware+Attacks+-+Pratum&cts=1638468236687&vi=8f3fb441cb2af1cf11003495753e35ad&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9c117a55-2887-4e51-bc25-abb36faaa8ee
cf-ray: 6b76798f6d865b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5YQ2Mct9rWiBqbN0owWeHExsZFEMY15tkLcx7wVtIuY49celovNMF98gaiEnP86WIe6FofI4NUWLDBjEHlrWNW08aqFFJQA7R15zcf5yBeQ%2BaxQ72SqMr1gYG2uZOwA%2FtZjcwj5IMMk%2FdcYwBue"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
501 B 200ms
185ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=85b0fc5b-5430-4eb9-897e-f27cfc8edcb6&fci=7653ded3-5c58-440d-9e5a-a491fd02c674&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=8984595&pu=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&t=Lessons+Learned+from+Ransomware+Attacks+-+Pratum&cts=1638468236690&vi=8f3fb441cb2af1cf11003495753e35ad&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 536d10e9-a273-4cd9-8e8c-f2670d04278c
cf-ray: 6b76798f7d875b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkE%2BaCIrxyzSOe2bbg9hpKfNeZ8FwRCcNe3Ri0xyrMqe5pzZpflm9QEVLJKoC22uBtGTmF3zM6r7AVtdoQGKpLr5CX8zyfY5mH8pklEOjCE8YqaIQZZYy3EvP5V7sFmUaBNpLyvhnTenB7ethiio"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
439 B 147ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=8984595&pu=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&t=Lessons+Learned+from+Ransomware+Attacks+-+Pratum&cts=1638468236692&vi=8f3fb441cb2af1cf11003495753e35ad&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 559eb54d-5e4a-4d6c-99d5-46686740125f
cf-ray: 6b76798f6d855b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb%2FKzU7TxRjWqlx17hyHhr2AQzlpNxUjuFgShf%2BorBBQKlb%2F4lNfYxtYbuTDI454VggowDIpoFOI3RqzbQR75PuAWYSipRbQ%2FKsBTgglay319RUw94zwOHMV9Ithm6394C4Asi7CoRQMUzR7V6iJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
357 B 164ms
151ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22d736db32-2f97-449e-8bb8-0fa7ce0da92e%22%2C%22b5fb5bca-8a4d-4786-a2ad-349d05703a2e%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=8984595&pu=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&t=Lessons+Learned+from+Ransomware+Attacks+-+Pratum&cts=1638468236693&vi=8f3fb441cb2af1cf11003495753e35ad&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2aa8cab7-5d3a-45ff-8d1e-34b482f2a192
cf-ray: 6b76798f6d835b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FXJ9TVcsRphnQ%2BxpnKeLMp46yV1lnbEkKn12MpLx9nTu%2B9GqGzEtWXcfiYybMiVUQc329uolnD08x11tjkNGM2JlJwg354rzQFwpmHjCHJ6L9o1WVA7Zbvh5dCuacA%2BjhjQX5HebKh5uXL0DXYm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
939 B 237ms
196ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=8984595

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18193d54c542aecede72351e2b5daac4d78836e5c37d0744093c5cacc54a0a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 98b30e8b-34bc-4887-9480-f6cc45d55bbf
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B6B02CA1A6A6FC0E1FCB837C76048ECC49FF56C53000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bshUFk5OJuDYkGfy9I7bTqeHuV%2BjsycK23gHEfBpDexU0bOz10xpWCgI0ROZ5Ap8yn8UzdI4KCRGQcaj%2BzGl4RYG3IWvMerlTb1yW7%2F70kwyqgIsqMtWTEgGfpu8WIGqscX3oNodyL9CfRTn"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pratum.com
access-control-allow-credentials: false
cf-ray: 6b76798f9d217037-FRA
access-control-allow-headers: *

GET
H2 200 80c3522c70f940deb65762f6aea893a0 Show response
app.hubspot.com/conversations-visitor/8984595/threads/utk/ Frame DF60 45 KB
17 KB 235ms
222ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/8984595/threads/utk/80c3522c70f940deb65762f6aea893a0?uuid=ebda824d3b4c4478bb92f83edfc30925&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pratum.com&inApp53=false&messagesUtk=80c3522c70f940deb65762f6aea893a0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c317b4f1dc3bc8950e5101dc7a7bee2f41e2ad34a70f477fc51fa52399a780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-type: text/html; charset=utf-8
cf-ray: 6b76798f8db55b68-FRA
age: 3433
cache-control: max-age=600
etag: W/"01854cccd2026f3d9d71ecfcc9bb154f"
last-modified: Wed, 01 Dec 2021 08:10:15 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 349b149961d8d2361c29d4be4b5847f3.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hs-analytics.net *.hsappstatic.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com js.hubspotfeedback.com *.usemessages.com js.hubspot.com js.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com *.fullstory.com fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com tpc.googlesyndication.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com fast.wistia.net s.yimg.jp www.redditstatic.com data: 'unsafe-inline' 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.11900/html/index.html&cfRay=6b76798f8db55b68&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F8984595%2Fthreads%2Futk%2F80c3522c70f940deb65762f6aea893a0%3Fuuid%3Debda824d3b4c4478bb92f83edfc30925%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dpratum.com%26inApp53%3Dfalse%26messagesUtk%3D80c3522c70f940deb65762f6aea893a0%26url%3Dhttps%253A%252F%252Fpratum.com%252Fblog%252F517-lessons-learned-from-ransomware-attacks%253Futm_medium%253Demail%2526_hsmi%253D190245315%2526_hsenc%253Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%2526utm_content%253D190245313%2526utm_source%253Dhs_email%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fpratum.com%2F&cfenv=prod&csp=ro
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: X0uM6RqoDFPNeKN5t1oBW_DoSE_wVDrRLYu8_l9hmIEfuaqYAyqMow==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: N5Ffl6.4wSirPdfZt1wVHp3eEHIFJHUV
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 138ms
138ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=8984595&utk=8f3fb441cb2af1cf11003495753e35ad&__hstc=240358044.8f3fb441cb2af1cf11003495753e35ad.1638468236685.1638468236685.1638468236685.1&__hssc=240358044.1.1638468236685&currentUrl=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf896aed7d8686a7e1eb1aac5f6a72c83c86a24ec2732191b2b1387c9c97bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c2e29724-1662-4fdd-8177-fd64ee12c86a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FiWcBQt9cOMYlULdHhVOlABXj2HXOBMzY84qxGR5M9fqb0uCtjMoqZtu9eKZlh%2BS8oFUv8WfAf26ISMby0jh26hyYugIlEfw1M086ixdqLe4yjOxc2s96kbRj%2FQR%2FdpMf5pNmXgtqWvgnpepkbt"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pratum.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6b76798f7d42c2bd-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame EF46 319 KB
103 KB 18ms
18ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpratum.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA9) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2998
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Dec 2021 18:03:56 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6FA9)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EF46 291 B
470 B 158ms
133ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b9bfe27f4df5d6ab29633be2e83fc138cb88eb5f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpratum.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

1668f20a157a89faae7bc1c684b0acc8206deb58eee3b52d63726ca654afd82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 113
date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 18:03:56 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5d7d67fb357e862875fc56dd681e59d6a5b8bb5a2321558cef949605fcf07282
content-length: 188

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 942 B
608 B 122ms
58ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=explicit

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a47337b001e349920019b1439b450fd86d8c4aeec26b0262775852b83fba2877

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Thu, 02 Dec 2021 18:03:56 GMT

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
742 B 150ms
150ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=bce00052-a7e6-4129-97c7-6cad223a0d69&lfi=2183383&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=8984595&pu=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&t=Lessons+Learned+from+Ransomware+Attacks+-+Pratum&cts=1638468236863&vi=8f3fb441cb2af1cf11003495753e35ad&nc=true&u=240358044.8f3fb441cb2af1cf11003495753e35ad.1638468236685.1638468236685.1638468236685.1&b=240358044.1.1638468236685&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f6afbc3b-40a8-4815-a08d-c34706beb370
cf-ray: 6b7679906d4b693f-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX%2Fcy9cdZt8mfUHRbDQHwDwBPj9nVkaqZysGp%2Fe22SLY%2FVFaioE2LGnG9KkLyuYyQGlkdHlgY40Qlb95UrDK9GEg%2BkeVG7P%2F2jCQsHwE45iXlc0F2wSeMDKJWItfrw035TsphxAHQ5K0Lap1uP4f"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ 194 KB
65 KB 146ms
82ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad64b19bb17a8692401f74fc8d4496e921c08eec395223742b435b2fba161570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 14:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66967
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 14:27:05 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ 75 KB
26 KB 116ms
54ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30db8b2da6035a427a3f61fc706eb27f30d602df105fcc9c92ade79277536bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 14:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26703
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 14:27:05 GMT

GET
H3 404 fastbutton Show response
apis.google.com/u/0/se/0/_/+1/ Frame B403 2 KB
2 KB 101ms
51ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Requested by: Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1585
date: Thu, 02 Dec 2021 18:03:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 404 sharebutton Show response
apis.google.com/u/0/se/0/_/+1/ Frame 004D 2 KB
2 KB 97ms
50ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/u/0/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&annotation=none&action=share&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Requested by: Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8bd139c393a6ca591e9f29d1c15fa1211cfdc287722455328140f6eb18a6d070

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1586
date: Thu, 02 Dec 2021 18:03:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 138ms
78ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-869024229

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cea89fee36e45693d430ef41dc08299b0d3c49b62770f1cef3cc00b9fef96a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39569
x-xss-protection: 0
expires: Thu, 02 Dec 2021 18:03:57 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/869024229/ 3 KB
1 KB 139ms
83ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/869024229/?random=1638468236937&cv=9&fst=1638468236937&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&tiba=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2605ac2fd5fd06e33c89e994b0ca9a4e65d0b6370fabf9d38a44374ebf447eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1222
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.156/ Frame DF60 44 KB
16 KB 125ms
53ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.156/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8984595/threads/utk/80c3522c70f940deb65762f6aea893a0?uuid=ebda824d3b4c4478bb92f83edfc30925&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pratum.com&inApp53=false&messagesUtk=80c3522c70f940deb65762f6aea893a0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 946825
x-amz-server-side-encryption: AES256
cf-ray: 6b7679917e8f42db-FRA
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 12 Aug 2021 03:52:03 GMT
server: cloudflare
etag: W/"92f1fce5bc1b104818f7bb3259fa0317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mnqneJLV4YJYL1BobEtshzBcn8whe3QfZg%2B0BQI7L1qnSekoFSapucW1DG7HmV3qgfTtKZsuuxGUFCwlM2W%2FDdYFNQ6%2FPBzwR3EAor0zMjEk2iifdqE1rnqkKGiNreY32ZtRuaBlcfHPmbqmBoXMn4edrM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: jswq3j2Kf9rTWaLEvxg.3d09mCkFqVly
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: JaVqUhwGQ3zee52qDkYoK1quNTJP4658Jg-eMEq9CNMbC2Ox2Ci72w==
expires: Fri, 02 Dec 2022 18:03:57 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame DF60 20 KB
5 KB 122ms
50ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1462357
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
x-amz-replication-status: PENDING
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RC9CFZD1uqtQimwDrnGJEI8imnnGcDaW0tF5WSLUaHu8RCE8tCe%2BKlhQdkvdZLV9WU0m49F%2FFjqQ%2BpnR4SQOjAkTePh5Ucb2Txei44vieQpFRjoWxXJbT8D0eXY4h9SocMkwlNBD8peUk3qm2bPJgHrJpQk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
cf-ray: 6b76799179664ac3-FRA
x-amz-cf-id: dbvSbAJhJAOUNB92fWKJrtNXwC-i0qwd9GHjzQsfHqBGc99HemP65Q==
expires: Fri, 02 Dec 2022 18:03:57 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.182/ Frame DF60 292 KB
92 KB 124ms
53ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.182/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3085916259c4ca5f755ab7ba059660e86c2955b0afc2917a41c7c63cd438eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1389328
x-amz-server-side-encryption: AES256
cf-ray: 6b7679917e9442db-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 13:53:17 GMT
server: cloudflare
etag: W/"0afaba444335db3b8513bf83d521d7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIQY0wmCKeuCrepICdRWta0lTtYyuxSyG70ImEamF4vui2doLWVQCV5T0r%2FMOjwgO9D0RnDIEiHUocA2i8bkQOLlnud5mENJ2g8NqSujBdihv5Mq1xVIcVogsWydVM4NRMsA89wya1ifrVPo6hzkS1QjSIo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 7xYxyuYcj.ZgnEi8rBB5MbNifIpwLqcW
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: Kk81tbOJEm5vizDF5e_3q59kd4dq6gTHcNumUUsDqQ350-2cnibq3A==
expires: Fri, 02 Dec 2022 18:03:57 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11900/bundles/ Frame DF60 490 KB
144 KB 117ms
46ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11900/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50a297c1a7233817752317d0a84e60cc310f345cf0c90e7fe484bc5aa79900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 78817
x-amz-server-side-encryption: AES256
cf-ray: 6b7679917e9542db-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 29 Nov 2021 15:12:11 GMT
server: cloudflare
etag: W/"d4e362ac50dd1fc399e57b36f759f9c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFSh1CTKcibnLTRAdGC4wOCGFO9oVE7%2FKVUdNYAwwNeg3XOfrJvt6vsGzJFYKOHuQmAkOJ8DYGg%2FDmQ4gGhOVeRLSisZA%2BtojikKJpobkxd5vpwjCmIadbXBdaLxqUw0bn4mdFsvBjKdQxvhHRBCqXKT%2F9o%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: w9aJkdwLJU50kEYjgT1uSLZBtp_PSCT6
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: XKjpCqBf5htj4-qvo7N18z5Ws3hv_UwIqyVP5clzsSyaHHroXhuCYA==
expires: Fri, 02 Dec 2022 18:03:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 243ms
91ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pratum.com/
Origin: https://pratum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 17:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 02 Dec 2022 17:44:26 GMT

GET
H/1.1 200
OK button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js Show response
platform.twitter.com/js/ 7 KB
3 KB 33ms
33ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F96) /
Resource Hash: 186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 18:03:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:51 GMT
Server: ECS (pab/6F96)
Age: 3000
Etag: "e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H3 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 004D 3 KB
3 KB 98ms
97ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&annotation=none&action=share&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Dec 2021 18:03:57 GMT

GET
H3 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame B403 3 KB
3 KB 109ms
109ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Dec 2021 18:03:57 GMT

GET
H/1.1 200
OK tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html Show response
platform.twitter.com/widgets/ Frame 993C 32 KB
12 KB 69ms
69ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F96) /
Resource Hash: d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2999
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Dec 2021 18:03:57 GMT
Etag: "89e8ce4106e3294685b0af818d97b80c+gzip"
Last-Modified: Mon, 18 Oct 2021 18:31:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6F96)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12235

GET
H3 200 /
www.google.com/pagead/1p-user-list/869024229/ 42 B
64 B 114ms
113ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/869024229/?random=1638468236937&cv=9&fst=1638468000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&tiba=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&async=1&fmt=3&is_vtc=1&random=1746327474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/869024229/ 42 B
64 B 274ms
88ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/869024229/?random=1638468236937&cv=9&fst=1638468000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email&tiba=Lessons%20Learned%20from%20Ransomware%20Attacks%20-%20Pratum&async=1&fmt=3&is_vtc=1&random=1746327474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Dec 2021 18:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 993C 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 89DF 565 B
857 B 265ms
105ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpratum.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

472f7d43177c804489f766d42cf453e9bba30ab38c28df3f072cefba906b4292

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sI12HuVrBRLOTe3w7cghEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Dec 2021 18:03:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-sI12HuVrBRLOTe3w7cghEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/ Frame DF60 776 B
1 KB 147ms
74ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11900/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c500c5d24d202d63c5d98deb47911b262f60a819a813b70743170b5c3140fbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1389843
x-amz-server-side-encryption: AES256
cf-ray: 6b767993baae5b92-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:40 GMT
server: cloudflare
etag: W/"7a4613eceda8b6851728fb8a43f7c942"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsUDNhW2rqygjdEvygXbGb81zqNzvjiNxRIj5biwEStZJwIOyPNUmjCI35DC%2F6YGITMDisms9xOOsjdtDWqFZ9arZGvDIRrmmzMGztXawqlukuZ4AUpB6BD4qy2FjUe5kt1c2wNx2sdmhO6iNgvy522FoXU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: xHspCJB3es1m.pY6VgNnAeUho_H3l3Kq
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: CDrZKGmjf7NWHZuhJNxiRwPCz9Vr54hmGZcMjaMGlisaKXu_yAzMPA==
expires: Fri, 02 Dec 2022 18:03:57 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 183ms
182ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks%3Futm_medium%3Demail%26_hsmi%3D190245315%26_hsenc%3Dp2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A%26utm_content%3D190245313%26utm_source%3Dhs_email%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1638468237337%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 02 Dec 2021 18:03:57 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5d7d67fb357e862875fc56dd681e59d6a5b8bb5a2321558cef949605fcf07282
x-transaction: fd12b9294798c6f0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 796779910-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 89DF 10 KB
5 KB 967ms
86ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/796779910-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpratum.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04082cfaa14c7a04a29bf53810bda0de1aa03910090a4aeffb198f4e8bbf70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4295
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 19:09:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 10:01:18 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 89DF 13 KB
5 KB 125ms
125ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc10eb4c3193b2a9e85d3e011075c703c98d79e86dee2c8647311db2f1dfeb4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EC9r8mOj5dH7xecoBcNM8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3fc975e12af4bcde7e44fdb36bca1117"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-EC9r8mOj5dH7xecoBcNM8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Thu, 02 Dec 2021 18:03:57 GMT

GET
H2 200 Pratum-Chevron.png
f.hubspotusercontent40.net/hub/8984595/hubfs/ Frame DF60 6 KB
7 KB 371ms
197ms Image
image/webp 2606:4700::6810:b672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent40.net/hub/8984595/hubfs/Pratum-Chevron.png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b672 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e2cff67ef4a6e1e74fe8a830858a1714cdb0ed34a2c479471e1039bba47390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 443726
cf-polished: origFmt=png, origSize=10013
edge-cache-tag: F-44557948291,P-8984595,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Pratum-Chevron.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 6074
x-amz-server-side-encryption: AES256
last-modified: Mon, 08 Nov 2021 16:14:45 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "d1500f475fa300a64d1acfe7066295ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 6b767995d92068e5-FRA
x-amz-cf-id: 3MGlu9XxQqizE2UR_DUKK3Onk9siMc79ezI8zEvn44W4mhwZl2WuZg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame DF60 0
1 KB 187ms
187ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11900

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11900/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 Dec 2021 18:03:57 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a6525c2f-6c54-4162-b48e-094e29b4238c
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgZPUUwUw8K2RCmDMoU%2FQcYs1gayty8JGieyYDQABPXO1mo%2F6Y2sd3QGoEm%2BafEiRbKC2oy%2BkBqz8H%2BmhQfB54I3vPxiyd1%2Fj2szuYqn8KWtapgBwI4SrNE8B3qc58Nx4EK31ELXPJYG53xmPA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6b767994c8d7693f-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H2 200 Newsletter%20Subscribe_pratum_20210728_PXX.png
f.hubspotusercontent40.net/hubfs/8984595/ 74 KB
74 KB 138ms
137ms Image
image/webp 2606:4700::6810:b672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent40.net/hubfs/8984595/Newsletter%20Subscribe_pratum_20210728_PXX.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b672 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac6b1c9a7e82e170dc97bf24e0346b3ee0c5b5ac90b1a7647175ced7b01f722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pratum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-55763274391,P-8984595,FLS-ALL
age: 443723
x-amz-server-side-encryption: AES256
edge-cache-tag: F-55763274391,P-8984595,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Newsletter%20Subscribe_pratum_20210728_PXX.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 7HZ58Z0832K4ASRN
cf-bgj: imgq:85,h2pri
etag: "d1ac42d0145dd030e6a052ac512849bb"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1632258288632
date: Thu, 02 Dec 2021 18:03:57 GMT
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P4
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=106772
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
content-length: 75502
x-amz-id-2: NQHPQ4URn3G5a+mOUrqGpzMopaxkoQj03Yc0Fsp95gJiPpPEuCvxdhpgfzHGdRYZQrSYwqL3tSk=
last-modified: Tue, 21 Sep 2021 21:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: R5.XRZ.Xw5IPC1CjlR3BK34fML.Hs7W7
accept-ranges: bytes
cf-ray: 6b7679969b5d68e5-FRA
x-amz-cf-id: htEhsJ_rhwU11aBhuMkgoSgMwcuIIN7l5lzBfiTKUMYPjKdbjlisQw==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame 89DF 51 KB
18 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a6f2a85533d8b0a3572be5fa46cb09629d8f54f28bf40c52e0878d68caa046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 14:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18237
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 14:24:58 GMT

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pratum.com/	1969-12-31 23:59:59	Name: 7a66acaef6e31f6c293abc45d7c2c472 Value: e49af8aaa7c5dc83de10466485f96795
.hubspot.com/	1970-01-19 23:07:50	Name: __cf_bm Value: LcyL4SqZLo.zRkLUBGVg9flO0s3qrkPu0HTGobPDHoI-1638468235-0-Ab5Z+Av1pnzMtYU63X5oVWPG5JUMIbqOsdh3D7MDWInS4hJrqH0d0ZKtRAyGF3UosCRQjootLBNeSdwOwlg4OWQ=
.pratum.com/	1970-01-20 16:39:00	Name: _ga Value: GA1.2.244177243.1638468236
.pratum.com/	1970-01-19 23:09:14	Name: _gid Value: GA1.2.158143490.1638468236
.pratum.com/	1970-01-19 23:07:48	Name: _gat Value: 1
.pratum.com/	1970-01-20 01:17:24	Name: _gcl_au Value: 1.1.1407834551.1638468236
.pratum.com/	1970-01-20 08:29:24	Name: __hstc Value: 240358044.8f3fb441cb2af1cf11003495753e35ad.1638468236685.1638468236685.1638468236685.1
.pratum.com/	1970-01-20 08:29:24	Name: hubspotutk Value: 8f3fb441cb2af1cf11003495753e35ad
.pratum.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.pratum.com/	1970-01-19 23:07:50	Name: __hssc Value: 240358044.1.1638468236685
.google.com/	1970-01-20 03:31:19	Name: NID Value: 511=PIMTvbWX6tZDoTJMvEqifuK2jlhzXctqKkjlKYMLP2rBIEvcs-sXfgEC63U4BtzsijpKFaewv5WN9V8XXq0HwLs9ERCDp87jv7eDsVCgrGT-ERf-sD-k-_AXer-5tz3kKD3UxWOuZQXKTByBDmpnT3HrdatnEco8Mmlhy8xmTMw
.doubleclick.net/	1970-01-20 08:29:24	Name: IDE Value: AHWqTUk2rgcrsvnOZD5gGRyRbB_UiHQXbZqtr2vOPqQwQBfnxYPJNbnWoFNcetjJ
.pratum.com/	1970-01-20 08:29:24	Name: messagesUtk Value: 80c3522c70f940deb65762f6aea893a0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://pratum.com/blog/517-lessons-learned-from-ransomware-attacks?utm_medium=email&_hsmi=190245315&_hsenc=p2ANqtz-_B-hvOvxfZ0WTTSUZruv-6-rkFQXJBlagsGW_Qh8d1gELh7Xt7uMpEs7meOW7Hb0ciolzGWxVk5caAuHnn3Nlz1yk43A&utm_content=190245313&utm_source=hs_email Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://apis.google.com/u/0/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&annotation=none&action=share&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I1_1638468236919&_gfid=I1_1638468236919&parent=https%3A%2F%2Fpratum.com&pfname=&rpctoken=24444725 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=en&origin=https%3A%2F%2Fpratum.com&url=https%3A%2F%2Fpratum.com%2Fblog%2F517-lessons-learned-from-ransomware-attacks&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1638468236911&_gfid=I0_1638468236911&parent=https%3A%2F%2Fpratum.com&pfname=&rpctoken=27761811 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.hubapi.com
api.hubspot.com
apis.google.com
app.hubspot.com
cta-service-cms2.hubspot.com
d1337p04.na1.hubspotlinks.com
f.hubspotusercontent40.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hscta.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
netdna.bootstrapcdn.com
no-cache.hubspot.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
pratum.com
ssl.gstatic.com
static.hsappstatic.net
stats.g.doubleclick.net
syndication.twitter.com
track.hubspot.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.72
142.250.185.162
192.124.249.57
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5605
2606:4700::6810:b672
2606:4700::6811:43b0
2606:4700::6811:72b0
2606:4700::6811:7d2
2606:4700::6811:7fab
2606:4700::6811:ba49
2606:4700::6811:cccc
2606:4700::6811:d2cc
2606:4700::6811:ddcc
2606:4700::6811:e7cc
2606:4700::6811:eecc
2606:4700::6812:14bf
2606:4700::6812:1e69
2606:4700::6812:bcf
2606:4700::6813:9b53
2a00:1450:4001:802::2002
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200d
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9a
2a02:26f0:6c00::210:ba11
008948cbaff4ddbfe3153c6088c5205b73c3803563cf97a55a47359623f496f1
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
020d1a573669e72a8e8683c79172d665c5715159411eca3be5ad54bc154d5895
04082cfaa14c7a04a29bf53810bda0de1aa03910090a4aeffb198f4e8bbf70d2
08c317b4f1dc3bc8950e5101dc7a7bee2f41e2ad34a70f477fc51fa52399a780
0a0d5fd4e0f669039bc633a2756906a92f37e5e1c814ee52ff553087053a8af2
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
139ef45414de3cfdd6f9f835e1c6c823e272077d681e1f7002ad2337adfe763e
14e619a4bceb4cafa0cf1832e59d42897bdf87be967a4781d8b5f3bb8852702a
1668f20a157a89faae7bc1c684b0acc8206deb58eee3b52d63726ca654afd82c
18193d54c542aecede72351e2b5daac4d78836e5c37d0744093c5cacc54a0a9c
1823ecd2a8994f9d78e310dd5716bc7532b95c68db40ee69fb35b05ee09aea58
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
1970f68c5da573ed3b6fb8c5421f9c34cdee55cbdd7fa8118c39e8a4f85a5600
1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
231c763b6d37ec6c743d03fe4a6857354f0b04e24d16d7f93ea96f7bdad3d0dc
2555424ecfc90180df475a215ea34a32455c2fe3b9c20a88b1df83a99598fe29
2605ac2fd5fd06e33c89e994b0ca9a4e65d0b6370fabf9d38a44374ebf447eaa
29649dd5311ae06eb0639f2655f35be5da744bf41556d1a1c32d326994d77869
2aac45af52da68ebf3c21a445208b8ce755dc8caa52ce4f411bb1821e1614334
2bd1aa13c0678aad0a21d546ec44b63d8068279e796aad9bfce2eab4f0cd4bf0
2fc32c6620e847577a044afffca63a5003226db0085534477e6fdf5012c5e0fe
302ecfd3dcafa8174d1609465dda4fdaf6150d74883e8fddd3944e4d03cfa7d0
30db8b2da6035a427a3f61fc706eb27f30d602df105fcc9c92ade79277536bd4
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d
36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c
3a9cbcbec8f6ed3bbe0262a9354405bd8855566f0340a5044a49b4febf4ae91d
3b892aba7aa482b252130b67278e4bdeabb56afab3440ea345ad4f6d3cbb4e0c
4159adb159bd3ce8e56501564c97171537c1a6cd48d8e8ee8c4453a0978d2700
472f7d43177c804489f766d42cf453e9bba30ab38c28df3f072cefba906b4292
474754d75548fad740bb581e4b0596cb9a1c0b47cfc03f8a6e273cc6da9b9080
4cde9f25ef0e11eb88158033c8529b7ae1cd2be136e7b48a8097a7b76f837886
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
59e2cff67ef4a6e1e74fe8a830858a1714cdb0ed34a2c479471e1039bba47390
5b3f238133590a4f711d8347b2bc826f8d7a596ce810844f501eff3f16cb027d
5c45d498184f68da18ab20d368ede7d0a6e1c36560a6a50517699da5404e7af7
661f13b4f4113a7586e0bc41c176010b085fc233eb44d0f60616ca00c0e7d5fc
69d6d79ddea8e76e73fe6c9ce4f47d45a1cb469abf497c49ef573f3fed046dd5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd19753205a348c50fce29f867f3b02c1daac5f8874fe3ab37d5574502a70de
70c42999ff8deffe868bd981029631f3c46abe5e24ba62543f8548e58c8e0415
76518149098afc793e282f63849efbfd20711d0d5d8bc6f09a51f8eaa1945181
768e9f571558630520b67b0e5cbd1906edbbe0d47a4b8270bbbf1147da30c1a2
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7a1134a52b0aad0e551e07e05fc010b1376ff284e7f76579f397a59d13f34429
7ac6b1c9a7e82e170dc97bf24e0346b3ee0c5b5ac90b1a7647175ced7b01f722
7acf8adc8ed69c8de8f0c3b8ba32897c8201b39ab68223f3fa484c94cf53ae60
7dba18667e56c12b93a48df1a19f7c7da2fb7f9a3a4b0e580960bb6a64588475
830fcab93c12b9ad2a820fed85e456077ed189a100a59b3080fd807d844eeef2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858a841eeb944e8246888743c6aad09d3591f56986d7e4a8ef7a5f61c5d6c9b2
869ac15c910a336a380f77c870aeb154ee77d1c56e6450dd0d7b85877b2b4bc1
8bd139c393a6ca591e9f29d1c15fa1211cfdc287722455328140f6eb18a6d070
8f57f926ba6c5873973da65dafa127b5a10efcaa3bd2dbc08b9f7a8cb066fad6
98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a47337b001e349920019b1439b450fd86d8c4aeec26b0262775852b83fba2877
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad64b19bb17a8692401f74fc8d4496e921c08eec395223742b435b2fba161570
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b33647812966e950d652ec553e1ae58cd5d46f61b5309ff74cbaf8bd0db0254e
bbf83f7a7557c776594fd31827585c9e86e97909cae65bd4fa5637fc502760b3
bc12b83b7c153e06b04925531383849c2dcaa682b2637b7606b0dd513e0806b2
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1782fa8e45f6ea2ec2e384d9118f79b606e3fcbbb7c0db7c31f50aea7f68cd1
c224282471c8dce39b4177897bb65314ebebd61cf1137a439b20372a0792a74b
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c500c5d24d202d63c5d98deb47911b262f60a819a813b70743170b5c3140fbfd
c51fcea6c8ef9450d9c9029c3cadebffa2e80a89561fbe1c42c58ca37b835818
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c745fa43ed937d94efa0c13eb43061475d7f0c76fb765e7f12522da3bda8f6a8
cdd181db7783304f7ba9fcc1890d17482e4513d995d2ad522390b48ebfe2c2b3
cea89fee36e45693d430ef41dc08299b0d3c49b62770f1cef3cc00b9fef96a37
d1a032f9e4253882ca45f7746d796299ff521490c6c2e005b1548872f41115b5
d3085916259c4ca5f755ab7ba059660e86c2955b0afc2917a41c7c63cd438eb4
d50a297c1a7233817752317d0a84e60cc310f345cf0c90e7fe484bc5aa79900a
d8a6f2a85533d8b0a3572be5fa46cb09629d8f54f28bf40c52e0878d68caa046
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef
dac349cb18248475f6221e4c2276603715e03d34051c82e7b9aeba9f49433bb5
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dc10eb4c3193b2a9e85d3e011075c703c98d79e86dee2c8647311db2f1dfeb4b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf896aed7d8686a7e1eb1aac5f6a72c83c86a24ec2732191b2b1387c9c97bfe
e052de0e53a6eb517d952968c2dc326327f967b687bb67f85fb845753a872899
e30991bb24af455a1c15d8cda99ca72addb1027b5963104b6af0b73e5ff28539
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fa0c1ce2db4de129e1c7789eaf5a02e1e52814ed9ba5e2c80f7dceaf0fe91d
f2961ef025e9598bbc17229d642d373a9eb7feaa927ac1149a1bfc546d31caed
f348544fc10b4a29072e8eaf28d831cf9ab23e274d30b16825c1acfd3418832e
f5610dca639dfbc602be3ad30b5e98bff001f6f61d4ce0a618fe8ae3e6906059
fd8496b904ded0ea8472d611839277a6a8091398ededfd2aa6b57f2eba97a3df
ff5b10708fb9e73452045a368ed9ae9b4a46eacb91c026770f729816875d3759

pratum.com Open in urlscan Pro 192.124.249.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

116 Requests

100 %HTTPS

91 %IPv6

27 Domains

39 Subdomains

34 IPs

3 Countries

5296 kBTransfer

8555 kBSize

13 Cookies

7 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pratum.com Open in urlscan Pro
192.124.249.57 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

91 %
IPv6

27
Domains

39
Subdomains

34
IPs

3
Countries

5296 kB
Transfer

8555 kB
Size

13
Cookies

116 HTTP transactions
1 data transactions