urlscan.io logo urlscan.io
SecurityTrails logo

blog.pradeo.com Open in urlscan Pro
2606:2c40::c73c:67e1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz...
Effective URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33A...
Submission: On October 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 2 countries across 19 domains to perform 70 HTTP transactions. The main IP is 2606:2c40::c73c:67e1, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.pradeo.com.
TLS certificate: Issued by GTS CA 1P5 on September 15th 2023. Valid for: 3 months.
This is the only time blog.pradeo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.72 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
70 22
28    2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
blog.pradeo.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)
platform.linkedin.com
2    2606:4700::6810:6ed1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
avatars.hubspot.net
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
no-cache.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
1    2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)
3067823.fs1.hubspotusercontent-na1.net
2    2606:4700::6812:4ffd (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
3    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:f8a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:7b0c (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
1    2606:4700::6813:f912 (United States)

ASN13335 (CLOUDFLARENET, US)
f.hubspotusercontent10.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-na1.hsforms.com
Apex Domain
Subdomains		 Transfer
28 pradeo.com
blog.pradeo.com
364 KB
9 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 6214
no-cache.hubspot.com — Cisco Umbrella Rank: 13427
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6556
track.hubspot.com — Cisco Umbrella Rank: 2658
135 KB
6 gstatic.com
fonts.gstatic.com
48 KB
5 hsforms.com
perf.hsforms.com — Cisco Umbrella Rank: 14252
forms.hsforms.com — Cisco Umbrella Rank: 4956
forms-na1.hsforms.com — Cisco Umbrella Rank: 7966
5 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
3 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2528
16 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
299 B
2 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 6516
89 KB
2 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 9766
avatars.hubspot.net — Cisco Umbrella Rank: 34984
3 KB
1 hubspotusercontent10.net
f.hubspotusercontent10.net — Cisco Umbrella Rank: 64230
72 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5142
86 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2519
21 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5287
22 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3531
4 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 5039
2 KB
1 hubspotusercontent-na1.net
3067823.fs1.hubspotusercontent-na1.net
2 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 4004
160 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
89 KB
70 19
Domain Requested by
28 blog.pradeo.com 1 redirects blog.pradeo.com
js.usemessages.com
6 fonts.gstatic.com fonts.googleapis.com
4 track.hubspot.com
4 fonts.googleapis.com blog.pradeo.com
3 perf.hsforms.com blog.pradeo.com
3 js.hs-banner.com blog.pradeo.com
js.hs-banner.com
3 app.hubspot.com 2 redirects blog.pradeo.com
2 region1.google-analytics.com www.googletagmanager.com
2 platform.twitter.com blog.pradeo.com
platform.twitter.com
2 static.hsappstatic.net blog.pradeo.com
1 forms-na1.hsforms.com blog.pradeo.com
1 forms.hsforms.com blog.pradeo.com
1 syndication.twitter.com platform.twitter.com
1 f.hubspotusercontent10.net blog.pradeo.com
1 js.hsleadflows.net blog.pradeo.com
1 js.hs-analytics.net blog.pradeo.com
1 js.usemessages.com blog.pradeo.com
1 js.hsadspixel.net blog.pradeo.com
1 cta-service-cms2.hubspot.com blog.pradeo.com
1 ws.zoominfo.com blog.pradeo.com
1 3067823.fs1.hubspotusercontent-na1.net blog.pradeo.com
1 no-cache.hubspot.com blog.pradeo.com
1 avatars.hubspot.net blog.pradeo.com
1 cdn2.hubspot.net blog.pradeo.com
1 platform.linkedin.com blog.pradeo.com
1 www.googletagmanager.com blog.pradeo.com
70 26

This site contains links to these domains. Also see Links.

Domain
pradeo.com
www.cert.ssi.gouv.fr
www.pradeo.com
www.linkedin.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
blog.pradeo.com
GTS CA 1P5		 2023-09-15 -
2023-12-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-07-11 -
2024-07-10		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2023-04-06 -
2024-04-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
hubspotusercontent-na1.net
Cloudflare Inc ECC CA-3		 2023-09-30 -
2024-09-29		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Frame ID: DF0651B8409EB6F97CC88E3B3953BD6B
Requests: 67 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fblog.pradeo.com
Frame ID: 1187FAFC8FDCA5CE73CAE90A4F8E7C83
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Smartphones and tablets : An open door to ransomwares

Page URL History Show full URLs

  1. https://blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N... Page URL
  2. https://blog.pradeo.com/events/public/v1/encoded/track/tc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7... HTTP 307
    https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

95 %
IPv6

19
Domains

26
Subdomains

22
IPs

2
Countries

1251 kB
Transfer

3397 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR9W15LBbK7s1W_0N1wwL4_-S788W7vMFX33L883ZW26CClx71VCGPW4FLkSm8w55fxN5kxD5lXGfB-W97N-T55DQ2WhW3Cj1xl1h5Xg5N1jQj7BZbr3jW82f7VD52PXTlW1nhZVl6czjK_W6cpp4W6mmk5RW4Cjmy-14J3PSW1bcy9Y7pzcRYW7dTSLF33HkM7W6M4nzT76HvpDVrQFYH4Hq9Ltf4tqR3g04 Page URL
  2. https://blog.pradeo.com/events/public/v1/encoded/track/tc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR9W15LBbK7s1W_0N1wwL4_-S788W7vMFX33L883ZW26CClx71VCGPW4FLkSm8w55fxN5kxD5lXGfB-W97N-T55DQ2WhW3Cj1xl1h5Xg5N1jQj7BZbr3jW82f7VD52PXTlW1nhZVl6czjK_W6cpp4W6mmk5RW4Cjmy-14J3PSW1bcy9Y7pzcRYW7dTSLF33HkM7W6M4nzT76HvpDVrQFYH4Hq9Ltf4tqR3g04?_ud=06aea826-a70b-421d-bb43-0f32b5257d7e&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://app.hubspot.com/settings/avatar/d41d8cd98f00b204e9800998ecf8427e HTTP 302
  • https://app.hubspot.com/userpreferences/v1/avatar/d41d8cd98f00b204e9800998ecf8427e HTTP 307
  • https://avatars.hubspot.net/default-80

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR9W15LBbK7s1W_0N1wwL4_-S788W7vMFX33L883ZW26CClx71VCGPW4FLkSm8w55fxN5kxD5lX...
blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR9W15LBbK7s1W_0N1wwL4_-S788W7vMFX33L883ZW26CClx71VCGPW4FLkSm8w55fxN5kxD5lXGfB-W97N-T55DQ2WhW3Cj1xl1h5Xg5N1jQj7BZbr3jW82f7VD52PXTlW1nhZVl6czjK_W6cpp4W6mmk5RW4Cjmy-14J3PSW1bcy9Y7pzcRYW7dTSLF33HkM7W6M4nzT76HvpDVrQFYH4Hq9Ltf4tqR3g04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
81565f147bc59bfa-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Fri, 13 Oct 2023 08:56:48 GMT
last-modified
Fri, 13 Oct 2023 08:56:48 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhvyJo%2FB4mXW8njXdcW6cj7HgGfL3f6%2B9yz5jecCWoR1skX5EZy7jNL2Xbb8Urtwcc%2FpfX4jkjq7pDOzqAo1qinz4k38OxOEUaMfVqwp6MMXeK%2FiLqEi1MvPeY6wsbFldeYMah9x%2Fvqa%2Fevj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
9
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7d997f8c5-pn2bf
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
6bc885bb-2afd-4b1a-b29d-0d55a7587f0f
x-request-id
6bc885bb-2afd-4b1a-b29d-0d55a7587f0f
x-robots-tag
none
Primary Request mobile-security-ransomware
blog.pradeo.com/
Redirect Chain
  • https://blog.pradeo.com/events/public/v1/encoded/track/tc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR...
  • https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE9...
84 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR9W15LBbK7s1W_0N1wwL4_-S788W7vMFX33L883ZW26CClx71VCGPW4FLkSm8w55fxN5kxD5lXGfB-W97N-T55DQ2WhW3Cj1xl1h5Xg5N1jQj7BZbr3jW82f7VD52PXTlW1nhZVl6czjK_W6cpp4W6mmk5RW4Cjmy-14J3PSW1bcy9Y7pzcRYW7dTSLF33HkM7W6M4nzT76HvpDVrQFYH4Hq9Ltf4tqR3g04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4db97eb52ad81fd7ffc1556691bcaf6087e1a04645317baa6c07e25edc83b38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.pradeo.com/e3t/Ctc/OM+113/ch5Kr04/VVqqN-74nQ84W7tHlRW2BqB1jW7xsyK954zGyHN54gmP63lYMRW6N1vHY6lZ3kYW8J1Fkz1Yz9FlW4bWfyb130fmVN76_Dx5FDVPQVVvJnv8FcSx6V8pJQP91QmR9W15LBbK7s1W_0N1wwL4_-S788W7vMFX33L883ZW26CClx71VCGPW4FLkSm8w55fxN5kxD5lXGfB-W97N-T55DQ2WhW3Cj1xl1h5Xg5N1jQj7BZbr3jW82f7VD52PXTlW1nhZVl6czjK_W6cpp4W6mmk5RW4Cjmy-14J3PSW1bcy9Y7pzcRYW7dTSLF33HkM7W6M4nzT76HvpDVrQFYH4Hq9Ltf4tqR3g04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=10800, max-age=0
cf-ray
81565f179ece916e-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 08:56:48 GMT
edge-cache-tag
CT-42224642964,CG-2378615,CG-4214981702,P-2378615,L-40774621311,L-40775681335,L-40798544809,W-40873874761,W-40879374656,CW-18345526332,CW-40775538069,CW-40775538070,CW-40775552769,CW-40775552770,CW-40775603651,CW-40775603652,CW-40775680974,CW-40775776995,E-40775681226,E-40775681446,E-40775689242,MENU-40873874761,MENU-40879374656,PGS-ALL,SW-1,B-4214981702,GC-40839529451,GC-45696088322
etag
W/"0305a39ca149ee8320c2332ece65c96c"
last-modified
Sat, 07 Oct 2023 23:04:21 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkSkRohRPjtKGhBN5X9pRMkWiG6OvgF5W0BhuOTBzccDkDZVghKWokfcTJYSL8%2Bup68sItOOK8haPkbDv1Mm7AXf2aJJDVUcmNWmEBFII9J3yf4Jpfup9chORAO3t0lW9i2Mx9DfvLxxw1NoKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cache-control
s-maxage=10800, max-age=0
x-hs-cf-cache-status
HIT
x-hs-content-id
42224642964
x-hs-https-only
worker
x-hs-hub-id
2378615
x-hs-prerendered
Sat, 07 Oct 2023 23:04:21 GMT

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
81565f160d839bfa-FRA
content-security-policy
upgrade-insecure-requests
date
Fri, 13 Oct 2023 08:56:48 GMT
link
<https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email>; rel="canonical"
location
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2CTDOl92UuQ3uvgonKBt5JfF102tYScATZwmi4Tr7VP1WDmzvpETZu9cics7bsUCWtLZlRVTjUdbh%2BWG8rLmtQeXLASt1t8S%2BQJ65%2BY3gKur4%2FQ9pdR7Ueey4IuW2EWO9qZUsuJLISZeY1Q5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
49
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7d997f8c5-xswbk
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
f98953b9-564c-4991-9825-ce447eef9167
x-request-id
f98953b9-564c-4991-9825-ce447eef9167
x-robots-tag
none
index.js
blog.pradeo.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
15096697
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Apr 2023 15:17:56 GMT
server
cloudflare
etag
W/"0bbd63c0750f141fd5cec04a9393647e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FRf%2FI6Xa5RBreTIOiar26eioNKt5EzGswbUuLC1F4eIvYodQzpoprn%2Bvo7RyZ998p2fdBjxtvEZAYPv%2BYqZKt7%2Fpqmg0fbFNBJKg4Fk%2FKho2P0RCO7xpNrBWcqJOTsYna9CLV4I8ELi6cJScg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81565f183f65916e-FRA
x-amz-cf-id
kYirOZfoHQXeyAOg4VhVOBcOLxa_7X0NxADbW-vas0QAqsDyQkWkww==
expires
Sat, 12 Oct 2024 08:56:48 GMT
project.js
blog.pradeo.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 59d2fae2830d603c79da39156799a1fc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
18531464
x-amz-cf-pop
BOM50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
server
cloudflare
etag
W/"ef84f26c310485299d6b75777414eddb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upXFY%2BUXPOjhU1y0VTT5eR%2BX4JIVzpzgllTOna%2Bm9C%2FcgxK9NifC2SlsVdLbGtlgUFdx%2BlOmOW67jn%2BOiXDlOV%2Fr7PAg%2FOU36EHuX1OZlY%2FcNe9UhdmrxqXainV6bPWI9RILYnwGXYJC1EFAgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81565f183f66916e-FRA
x-amz-cf-id
qoiu1RfC4804skIIy0lJk7a0xFPTnWkPquUgpeQAB5aScoQbyprP-g==
expires
Sat, 12 Oct 2024 08:56:48 GMT
project.js
blog.pradeo.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
18512893
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fbGIkhsNECKcM8DhRP8JUG%2FdSClnrViXuQptB1PL14GRBd49LyNg8QRE9ys0bncN9YCkVn5N2VgyNq16ce3Oi3HqtBMYlOMzpEcL6Q1CCFr2qp%2B9JOWhortUUqMOyxeUAU%2BYIrUZi9spkEH3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81565f183f6a916e-FRA
x-amz-cf-id
n-wCgFq_tXu75HdwN5yHV7QlFUeiN9b92x8cHfArPXJP-lfFO3xe7Q==
expires
Sat, 12 Oct 2024 08:56:48 GMT
post_listing_asset.js
blog.pradeo.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
142799
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
nC1hzr07YsutChb9rCwKsMoiyxip8lR7
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
server
cloudflare
etag
W/"d95d7dafd49a1edc76a47120c287b579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPLKdsW4TcaKbEXLEFZ7VzEYfb5rQt3cgI5j2PcFIEr8PfonfXygtpcKAWSojuyv%2BOcbnccAY5F4hguZdsGDOR3YWnDgO2qlVeWL4XRF7cyo%2FRgh5zcjKgW%2BVfDPdfiJ0WUp9iE20qxcN3cCMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81565f183f6b916e-FRA
x-amz-cf-id
H2FzaIgT4Ve-S5ukd264Mymd3qgGrzWYdvg8sTRyYoAf2G0SpnDGEQ==
expires
Sat, 12 Oct 2024 08:56:48 GMT
v2.js
blog.pradeo.com/_hcms/forms/ 		563 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
279817a125934c4629aa278564e64fca0dcb0fdc45f38739e38c9cab297d2a92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
340
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3938/bundles/project-v2.js&cfRay=815656c7037390f4-FRA
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-evy-trace-listener
listener_https
etag
W/"df4d197f9648d27915af7ec01a018b73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3938/bundles/project-v2.js
date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-amz-version-id
pLPYW3H2ND7V2jGLhGJ4mCejj6Xammwx
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
400c458e-84fa-4531-8c70-73693f4dca5c
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
400c458e-84fa-4531-8c70-73693f4dca5c
last-modified
Thu, 12 Oct 2023 03:05:49 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baLoOLzrj4Ep7g5Y5HabQBWnlczAC6QE3hpzhKiqz2FKYQ6kEbY3PNbYEgm8J1TDLHUKM%2BXhMogInGv5hI6N2L07U%2BzpD4AfcAaYcEEMsnIVLo%2Flo9RIyHDphtTtEYWAWxwzwHg0hQu74go5MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-mlg6m
cf-ray
81565f183f6c916e-FRA
x-amz-cf-id
nFQpFFPyl39Ergs8SBtsK5andX5mj0QlinNmSbWou4CcTTPy1kE6kw==
jquery-1.7.1.js
blog.pradeo.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
15826549
x-amz-cf-pop
MXP63-P3
x-amz-version-id
null
content-encoding
br
x-cache
Hit from cloudfront
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qqqa57wq22dIeVZnOwsRY7yQo7lqLmmUAzCniFMua%2Buvs2q%2Bz5SVeo9hbrNf0%2BC%2F6xgE2zzd5p9bW%2FsVbLZtVIIvr2BTRaU07UUk8t2IUFBBoVg4eok%2BRfk8QScZ5opl8VJN38qM6QwVroYZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81565f183f6d916e-FRA
x-amz-cf-id
lEPv10b8DNsR7BB4yz6LTyk_0tRY19T_LTSh3sEsv7gQPAwfeoqVXA==
expires
Sat, 12 Oct 2024 08:56:48 GMT
rss_post_listing.css
blog.pradeo.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 		910 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
22556896
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YluxiXaQWSQWC28IUPv3NXYXDi68ylxl
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
server
cloudflare
etag
W/"e1b521ec14a912d6d385c21388ec7d79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwPWwYFMjOctH4L8%2BOqkr1UeOYBZWTV%2BffZ6gfaRlGIJQqw3gALBVYgke%2BfpsZ0y7q0EJlbFwXXaSRxW9pcZOzbMd%2BNsDynbl%2FZf0brkFlj1iFsWJ9zTLfzoGBffexuNPWo%2FUoqCpQvbBHTeBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
81565f183f6e916e-FRA
x-amz-cf-id
7niHb3hMyBb4ZghZhzD3WYj7qf8oArAWjTAM0lDWqHozjYfMf6Mfig==
expires
Sat, 12 Oct 2024 08:56:48 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-728CP3087N
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af0430013de6da013d5101a34895e25b5202559bb79950ccce879ea511a8c197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91006
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 08:56:49 GMT
in.js
platform.linkedin.com/ 		510 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6722) /
Resource Hash
c7d2435a17074fcf9d68f3dc278cdcdbaa0591d4dc6df866c6dd1f4b4f57d2ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
3362
x-cache
HIT
x-cdn-proto
HTTP2
content-length
163638
x-li-uuid
AAYHlHQ7cmivfgfHXfiRgg==
last-modified
Fri, 13 Oct 2023 08:00:46 GMT
server
ECAcc (frb/6722)
x-li-pop
prod-lva1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-lva1
cache-control
public, max-age=3600
x-li-proto
http/1.1
accept-ranges
bytes
expires
Fri, 13 Oct 2023 09:00:46 GMT
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1696612711849/hubspot/hubspot_default/shared/responsive/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1696612711849/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-encoding
br
age
574646
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"94daf62e7e6df83595c6251fb0c7c055"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1696612712490
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Fri, 13 Oct 2023 08:56:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
3a52bb66-ba37-47de-b73b-a00257bbbc7a
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
178
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
3a52bb66-ba37-47de-b73b-a00257bbbc7a
last-modified
Fri, 06 Oct 2023 17:18:33 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O5UqtAnqjk1K7dRWjw6Gtl1Q9PdxVnHnF6pUOGSt0UkO9b0dtfFwIaie2B9ZspGa%2F9FtXkrz5MrPbbuWNMFuLX4%2BuvYF61PfRtoSXO%2B7rVY8OZj7hL5GD7EZ300wciuMSVqsp2McFzchEGrhq4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-5745477c8b-xgsnc
cf-ray
81565f18bbfbbba7-FRA
Awwal_Modern_Blog_Listing_Template.min.css
blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775681226/1613135024221/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/ 		177 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775681226/1613135024221/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/Awwal_Modern_Blog_Listing_Template.min.css
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f62ea39d88b892aeda6480442d454ef8600da13390b6c9dcdb7d9e66295d8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
1378
x-amz-request-id
8950MQTF77SVKBRQ
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"6b9cb05386971da33bfe35e1b1272e20"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1613135024221
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 7007d03050a44a1c68abb38fc262d3f4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
wS5uxEC7EK4H6jIWXkJRHN1hWh1jlZKU
x-amz-cf-pop
IAD55-P5
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
175
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sUjNaQS/tcpMBxKBKy/Q766cOJh/V+LlZFFHnCUiX23xUU1PSwcEcGun2sPMP709XOm2J+1x1iQ=
x-evy-trace-route-configuration
listener_https/all
x-request-id
6ce98f23-2888-44e6-b74e-7f6849477581
last-modified
Fri, 12 Feb 2021 13:03:45 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8UENUHB%2FLB6j32L47s%2BdIV3a%2Fwfa8fZsuN7SogDqya03DR4s4vM9xcJiuyqX8cw%2Fhh8hZ%2F66kXWKoQYajlvPbL%2BO3cTAjpkgdWuBL2M527lwKQ007gsEBgk0OO05i5z8IKEExOwSl2Z7%2Fyk9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials
false
cf-ray
81565f183f6f916e-FRA
x-amz-cf-id
AQJ4bgkmu-B37p7ypcAUZC5VIdLO3wMEc2T0iy3tT1pb6xlcW2EnSw==
carousal.min.css
blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775681446/1610981568788/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775681446/1610981568788/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/carousal.min.css
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56743ec90478af9096365a4bec0188284af6030aac0889895139f8a7fb794fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
1378
x-amz-request-id
3TJNXH0R1AV043ME
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"e09d0eaad3fe9121b05465ef4b35bd30"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1610981568788
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 c59b5a542015c208c95d2ed3c65cdbcc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
7lrqvwOU8HKLcNYqB8jhtxAAkJfi6SO4
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
131
alt-svc
h3=":443"; ma=86400
x-amz-id-2
V54d5tPXbKMDzfcW5kXThw9WaGs4dK1jCocskuDtxhAYk+um2MZ/6W4i0YzAft3HE5iq2v9BqBE=
x-evy-trace-route-configuration
listener_https/all
x-request-id
7f6dfcc7-b833-44de-985d-e57b432756ce
last-modified
Mon, 18 Jan 2021 14:52:49 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgO9ml%2Fs2U8h1coBSuBMZNaCW%2B0S8VGf2Y5E09CtTE7RyOAPm1bgBLuW1qdvXAbmj%2BPIaqzFmwKqGEbB33I4Ltdr1qV5LAnAJxRk8TDD8VeqJMzQHU%2BQu9IntACY7s0rlFDeksPm2wNiXT%2BkAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-r4k2f
access-control-allow-credentials
false
cf-ray
81565f183f70916e-FRA
x-amz-cf-id
-tDqA1cqQB7oZP4ywPvo7Vk2QVV-Zl_dmf1veSfZ1zgunMnlRlm-4w==
css
fonts.googleapis.com/ 		1 KB
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Domine:400,700
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07203d572b683bdf93cffa784ffa0268e99e5d19ac3a5fd35809e48ba4e05b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 08:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 08:52:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 08:56:48 GMT
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 08:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 07:10:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 08:56:48 GMT
css
fonts.googleapis.com/ 		19 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 08:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 08:06:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 08:56:48 GMT
css
fonts.googleapis.com/ 		1 KB
490 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Sanchez:400,400i
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3089a512817e0a096709ceeeb27b260267ba4e6240ffe7e3199fa5d8f639c850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 08:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 08:55:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 08:56:48 GMT
pradeo_logo_color.png
blog.pradeo.com/hs-fs/hubfs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.pradeo.com/hs-fs/hubfs/pradeo_logo_color.png?width=220&height=33&name=pradeo_logo_color.png
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aebc0ae8f8ad29477300b927572100346977d52275b17d941aec8eb013de929
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-40808581140,P-2378615,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
2864
cf-resized
internal=ok/m q=0 n=565+0 c=2+9 v=2023.9.8 l=2864
last-modified
Tue, 19 Jan 2021 16:18:12 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfaBEvwIiRMFe3uAAGiWFkuKTzztFJwZwkgXqGfGjaDQ:2b671b534761fafe409abd699eff5b9c"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovpT6C5tGcMnC2b7Ru2dsHZ8OnXUmSX2ghauvDYXumS34BW1jVLIl%2BPJeC09Ll%2BDl8Pp6BMaa0H0eAFtMy9fLPKh1uRsgsovdgXho2bN33h9sRe5GgHH8BOthjGNmjEMJ6UMkF1iraSPnQv3cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
81565f1a094e916e-FRA
default-80
avatars.hubspot.net/
Redirect Chain
  • https://app.hubspot.com/settings/avatar/d41d8cd98f00b204e9800998ecf8427e
  • https://app.hubspot.com/userpreferences/v1/avatar/d41d8cd98f00b204e9800998ecf8427e
  • https://avatars.hubspot.net/default-80
354 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.hubspot.net/default-80
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Server
2606:4700::6810:6ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f44a0999dce72299487d3cb56bdfbb90e3f82dd9e501d37a82deec19b482d8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
71NXV40NQ35PG3SR
age
34077
cf-polished
origFmt=png, origSize=635
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
354
x-amz-id-2
f/2WjCuIuLZ9bHvSobZhCqaaSLU1Yy6BWA/0TpusY6idFDI7t9vOSoTqNjBsXd+Av01DN/p7NbOwt5iY/aY8bxmhoYtk6PmA
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Sep 2020 15:59:15 GMT
x-amz-meta-s3cmd-attrs
uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768624/atime:1484768624/md5:f9ac484f1e674f1b05ddaf662904d2d3/ctime:1484768628
server
cloudflare
etag
"f9ac484f1e674f1b05ddaf662904d2d3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dhYAOHlnmu41r6kpC6uzF6bRXg0OaBcPwgSjjTZ4K5DwY%2BjruzCvmIZ0S6CIbxtBI9iJVZ86W%2F5XRoZWtCGqDW6Eg0lOjOGVA1qxIg%2BoRNP5hvYijzRMhgI6fCYi3kpKtjc30jE8teqOhZqPS1hkKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
81565f1bdf79bba7-FRA

Redirect headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bf4ff7c6-2f78-45a0-b5ce-b5d9524409e3
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=81565f1a7af14d4f&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
bf4ff7c6-2f78-45a0-b5ce-b5d9524409e3
server
cloudflare
x-trace
2B063D262DA5E30511A039F2C16BFF7A3F4F19D4DD000000000000000000
vary
origin, Accept-Encoding
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
location
https://avatars.hubspot.net/default-80
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-mlg6m
cache-control
max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
cf-ray
81565f1a7af14d4f-FRA
IMAGE-ARTICLE-1.jpg
blog.pradeo.com/hubfs/ 		9 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.pradeo.com/hubfs/IMAGE-ARTICLE-1.jpg
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f07f3501069f6430960fd6aa9af2e8b9ee3cf41044cdc25d18f8c2950b7945
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-42310343796,P-2378615,FLS-ALL
x-amz-request-id
FN0SSHQYRKPXMZVE
x-amz-server-side-encryption
AES256
edge-cache-tag
F-42310343796,P-2378615,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="IMAGE-ARTICLE-1.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"12df5cb0ce1e7ab89739336bc7174077"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1614679923518
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Fri, 13 Oct 2023 08:56:48 GMT
strict-transport-security
max-age=31536000
via
1.1 eec53532cacf9ede8d0e014bc1ea9a88.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ydJnr1MqaGranGZUywCxPfwqTQflWrOO
x-amz-cf-pop
TLV50-C2
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=54068
x-cache
RefreshHit from cloudfront
cache-tag
F-42310343796,P-2378615,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
content-length
9542
x-amz-id-2
aYMBRrpdUf+0653hol6C27A83qlBWDWPe+6dHw67N/jDMvP8UZlp7XdudJ0jL3rZh2jivFPaskA=
last-modified
Tue, 02 Mar 2021 10:12:04 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Nic9gDjJVUIZeAduFG940qwX57wvQbiJwlWIlaKMnk8j3HkDmjZb8g0rFOuA0TCtLd3Oo%2BRkJHzuvM2CrbRwusin3XqNHoXqqn13YHU%2FrABLQ3gW5djI7R%2F6mksstmPPCUpQeklpmDM%2F8oanQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
81565f183f71916e-FRA
x-amz-cf-id
NgXWKKmogMvH3hdOYXXuA2MOAusCoOydoQgzOFHUEGUU629kua7Dkg==
ad3111b0-9454-41ff-91f4-9eee95b1f08f.png
no-cache.hubspot.com/cta/default/2378615/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/2378615/ad3111b0-9454-41ff-91f4-9eee95b1f08f.png
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a835950d18dec999a3aa4741f3172c2841cadddc1801c907d3c50b524c41fcf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
null
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
5QECD5MVS3BRQVGV
x-amz-server-side-encryption
AES256
content-length
131954
x-amz-id-2
vHaxtKTCPnHb5HNzApzADOcZujHarMA0ZU4o9heUrzj8dSEDcnVMl5YrdaXQHkSjwSNw17XhscM=
last-modified
Wed, 27 Jan 2021 10:23:34 GMT
server
cloudflare
etag
"199f726771a87ae28b169d17bdededd4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYLnXZywm6qCHvFsm%2F0FRM8xTCszG4F7YYbzwU1V2lwofhMxfzLWeSKrsD8P5%2B5z%2Fm1RB6giyP6vCMv7upFlRinuTNgGmdho9QNLv0DZ7EqouqJnZvvUX39DPpxsH%2Bp09r6KZLV5%2FfLWkCaR9DCdMm7X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
81565f1989d04d4f-FRA
current.js
blog.pradeo.com/hs/cta/cta/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/cta/cta/current.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
430
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.226/bundles/current.js&cfRay=81565497439103c4-FRA
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-evy-trace-listener
listener_https
etag
W/"7a7ad36467619447fadd7b98ce7f3800"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
cta-embed-js/static-1.226/bundles/current.js
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-amz-version-id
vhhL_YuOEeyrE1us6iU1p_IC2N0DFzup
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
877eb958-a4b0-4871-a6a1-83a952c1601c
x-cache
Hit from cloudfront
cache-tag
staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
877eb958-a4b0-4871-a6a1-83a952c1601c
last-modified
Wed, 04 Oct 2023 01:26:06 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCiZrEDRjE3CCtVSnoTzaDni%2BYKdZZrlR%2FNHW4j6S5vpn3k89O0rGvmCnQ3Yy7B5uihWADhUODcIbY%2BtTd%2FaObqQ5wcDBtiO0W%2FtPEpV%2FxvMywK46GhHE6O4Y0WeY2f67Oo2RN4W7zxXl0ELwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray
81565f1a0946916e-FRA
x-amz-cf-id
6xLMbRBAK1oIrgxN-gQ_w-SZNr5pzhTzSQtEl81_EaAVnTLhisVnhQ==
pradeo_logo_white_square.png
blog.pradeo.com/hs-fs/hubfs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.pradeo.com/hs-fs/hubfs/pradeo_logo_white_square.png?width=90&height=74&name=pradeo_logo_white_square.png
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0207b82347c4b660ae85f31e3d8db808590860caad8aa124fad79e83a9e26646
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-40838121402,P-2378615,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
2714
cf-resized
internal=ok/m q=0 n=862+0 c=3+13 v=2023.9.8 l=2714
last-modified
Wed, 20 Jan 2021 13:24:45 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfJFmBwJUvQ5qamsAuMu6CcPgJgkZfXtLzlpscL4gdDQ:7ced6346a66f930292e77bd5a410b05d"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpQmu%2BwH8ErfD51iY86o0yzomqdD3TI70giw0g%2FP6k7lGIziXaqGP3ngJAK3yrF1Gc5gMeZiytlnLnKm2S%2BdcrNe5Qg%2FrT5jjiJlmt6tOrr9tWVzkKHsOpJx35TUPpIDGFeZb2yyVIacAT6a%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
81565f1a094f916e-FRA
email.svg
3067823.fs1.hubspotusercontent-na1.net/hubfs/3067823/awwal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3067823.fs1.hubspotusercontent-na1.net/hubfs/3067823/awwal/email.svg
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109d4e6b53fc6ddfe1ff1b962eeddb39e067fb151f065a898db11a2a92523cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-5035794007,P-3067823,FLS-ALL
x-amz-version-id
lIwVQhKGQtHOP2guc2C0ZWwCd_j7.q8N
age
8733
x-amz-cf-pop
FRA56-P7
x-amz-request-id
HM5JJ0M95ZDP0RDD
edge-cache-tag
F-5035794007,P-3067823,FLS-ALL
cache-tag
F-5035794007,P-3067823,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-amz-id-2
erMen3ZkyFwj7JbRX+xYn6ruzvjM15jO/jRDFZ/e4VuJKM/vhsfYa1nopcgupi/gg+Ub8AfhFZc=
last-modified
Sat, 07 Oct 2017 19:24:03 GMT
server
cloudflare
etag
W/"0ac9f17ee1e8a24a2e25a7fcf2953426"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray
81565f1a9c5b9c04-FRA
x-amz-cf-id
NvS-0hLtIrRJQn5kx9Bu3PRL38cH9HpRRY5AieMHVaq7Nl1HdI1WvQ==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.388/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ffd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
DUS51-P2
age
153815
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 15 Aug 2023 19:48:57 GMT
server
cloudflare
etag
W/"8741985292d64b839be39c64b14f3783"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioghWUM32YDz0WsKDW%2F3YbNyDl8aRzTK%2FmRKXHBfOiTL2cWi%2FLcjmZbD0fdJZJ1uQ57WzByEtffhvaBzBDCpeBzBEw1pbdYzKa6lzxlJJhmB0h12gJDU5j5c8qeboIdsNBhetAPheekVBryjBC3k70uq1ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81565f1a8ed335e7-FRA
x-amz-cf-id
0CrtM1JaR-Y1udGBBPZNvOu46612wP2Rd98ATg9ajHbTnwiiIGq10A==
expires
Sat, 12 Oct 2024 08:56:49 GMT
Owl_Carousal.min.js
blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775689242/1610981569784/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775689242/1610981569784/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/Owl_Carousal.min.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d52f04728180feba25c81c41a44dcf093ed4ef603b3ee47c23b9a0baf7d327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
R6A10VFTNDE963TQ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"cbd5fe7f178b76cece9259766fd7ec9d"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1610981569784
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 bf7159e30a38421f642619d6da9a8eb4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
0NLNRVdz6_fkBbNWLOt6_sWWi0mL_tDW
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
155
alt-svc
h3=":443"; ma=86400
x-amz-id-2
c/5qe2ZgRyw6Vo+wbEnwhF4ozgskIMOp1y9oxz9cBfVpQMPMSXOBNjb0EDDwLxrC+plapdqMDsDQ0Ry53TiUuA==
x-request-id
88c476d4-67d7-4214-ab36-576f654191d5
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 18 Jan 2021 14:52:50 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6l11M4J44YHHaS%2F86OD3cIshoYR%2F0NrkHrv9C2XT3wMmEypRVzj2ZLAOE6J%2BaATtGpI6cmtwkLYzMCf0HpDwX7AcFXSNhP%2Bc5CbQyAxrYljm4IJoB1ziHCWUI58ZnxQpt1BhbXIAsmxqx2V3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-r4k2f
access-control-allow-credentials
false
cf-ray
81565f1a094a916e-FRA
x-amz-cf-id
1Z_mv5JbL4asCJdi2061P23HXevpuNcj4GTs1EYgHjZlO98Vgok6pw==
module_40775538069_Blog_Listing_Slider.min.js
blog.pradeo.com/hs-fs/hub/2378615/hub_generated/module_assets/40775538069/1612951579102/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs-fs/hub/2378615/hub_generated/module_assets/40775538069/1612951579102/module_40775538069_Blog_Listing_Slider.min.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a359de822aa23221feaafd35d63cb804766bcc0f2bbb9e152d7a1a9fbf260057
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
3TJJDGZ4HWTBC5A9
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"949435e9f4d58bf582435d73facf62ae"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1612951579102
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 db50275fc6a3d1f557e22016322e2ba2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
QKEVrcqTyJPXja9QEMriLrJP8qIhhw1K
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
111
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XKPKRJABpBxBlF3XRLv7k43rW9TJJruz+bzdx48H5gT0mWTnund8x1qi08eKxeP7qUtQsewXBSY=
x-request-id
c77dc5da-0b9d-44da-8fad-2a84539c4273
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 10 Feb 2021 10:06:20 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGDWy%2B9SVq7SwJhgo8bf4UmGsxBREe5Xo58%2Bm6hRCRKHDniR4Ozn55Tz6nO5Hn10tZXdHofOmsRmiFLmkiMhpdjDxEbg52LIc3nHWyiP%2FU5xxfTwD%2B2Cz3WoqbMUIeBROGO%2BU88x6gHhiYwACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-r4k2f
access-control-allow-credentials
false
cf-ray
81565f1a094b916e-FRA
x-amz-cf-id
_KDTzcc8PBJConcHb-EdUjkkGzyfFZGQac1iUmfR9rQSq1IaqsoRcQ==
module_40775603651_Blog_Subscription_Section.min.js
blog.pradeo.com/hs-fs/hub/2378615/hub_generated/module_assets/40775603651/1611151651668/ 		761 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs-fs/hub/2378615/hub_generated/module_assets/40775603651/1611151651668/module_40775603651_Blog_Subscription_Section.min.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c178298625a446421360b74aa4f5cef9edb09ec87eeb1715d0d5ca7454e48c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
90GJPHGANF0K8QZY
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"5d1a2725e0191e396f721771f47aebfd"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1611151651668
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 ad2604250e9eed83c372fadb62dfeaca.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
FkUpeW5.rC7S1Oie7XbXrwuY1LgWEtZn
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
5f79ab54-db87-452d-807b-e05b240f1a9a
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
161
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0RemDbUnDUrI+s3J6pKam0RyAzEJ4ZBd+/kAlsQEwwc+Go+qqi9VguDpwfO6x8rcqrHAOgFzmUk=
x-evy-trace-route-configuration
listener_https/all
x-request-id
5f79ab54-db87-452d-807b-e05b240f1a9a
last-modified
Wed, 20 Jan 2021 14:07:32 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2UHOIqnZdLk8zap8vs%2BfeRmPUGtp6uPeoVWKNWE76BjvbFFJHLegCVCNrqZWVqjlaCdpfc3pxTwDkxW%2FribPcGPFux9z%2BAbQWoHfGSQT4rvrduzpJezDusuTljwKxQ9TtAYZZSp5Y9xmeiFgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-xmwnv
access-control-allow-credentials
false
cf-ray
81565f1a094c916e-FRA
x-amz-cf-id
P0NJjEzOjS-dhEYuWSsN5w2oR6inPSFUDgXFyLarVCvsdD6tjYg0yQ==
2378615.js
blog.pradeo.com/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/scriptloader/2378615.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed26067f9c5a06cb1e24b132dccbd1bd04bb0d0b825aba9dd2e9482da67b99eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
36c61af7-c357-42bd-930c-dffa93fb7537
content-encoding
br
x-envoy-upstream-service-time
21
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
36c61af7-c357-42bd-930c-dffa93fb7537
last-modified
Fri, 13 Oct 2023 03:44:50 GMT
server
cloudflare
x-trace
2B33D9A1F3DCAA5AEA10BEC9479073101765B869FD000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://blog.pradeo.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-mflmx
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIMqCWI5CFuhyg6xtAQQP6jLYhT6vhSjucHk5fqJFsQa59z7u%2F7F3RYF1inbC5SsIfvVLJSIXPAN2qj0cO0ETbX6rH8%2FlFlAnnzbdMg104%2B5wFomkO4%2Bjr%2BLEjuMbW2p876AbTJEJhQU9tFXxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
81565f1a0951916e-FRA
expires
Fri, 13 Oct 2023 08:57:49 GMT
Wi3sMwdYLpC5EfGSMBQz
ws.zoominfo.com/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/Wi3sMwdYLpC5EfGSMBQz
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2e007493890f3c0df363cc5924ce73d598e5b35200fe189f8b03b4b482ccdeca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
81565f1a9fffbbc2-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:45:30 GMT
x-content-type-options
nosniff
age
263479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 07:45:30 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 07:52:07 GMT
x-content-type-options
nosniff
age
522282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 07:52:07 GMT
fontawesome-webfont.woff
static.hsappstatic.net/content_shared_assets/static-1.3779/fonts/ 		82 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/content_shared_assets/static-1.3779/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs-fs/hub/2378615/hub_generated/template_assets/40775681226/1613135024221/Marketplace/Awwal_Design/Awwal_-_Modern_Blog_Listing_Template/Coded_Files/Awwal_Modern_Blog_Listing_Template.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ffd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.pradeo.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
null
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
1664965
x-cache
Hit from cloudfront
x-amz-meta-access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
83760
last-modified
Wed, 24 Sep 2014 02:18:25 GMT
server
cloudflare
etag
"fdf491ce5ff5b2da02708cd0e9864719"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5TAs2s%2FQrdnazQ4ep8UQ8dcNOTklRAsKyZdNHACN8hacqtYkRptJqzI3bW4tgIbXZsedM4MH0agTK6UvV97VWfBHx2B2AVWjYysgFGDy0mTnp0vk0xZFHraXjFz5Os88Y4mbuvbP3B2fr22XKFJwT1TEiI%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81565f1abec637de-FRA
x-amz-cf-id
7U1nVNEbkM1KGqzmSzhfU20BYkZdVlcOTGE_QGdrzFBDrN4Pjm3O4g==
expires
Sat, 12 Oct 2024 08:56:49 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 00:08:32 GMT
x-content-type-options
nosniff
age
118097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 00:08:32 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:37:29 GMT
x-content-type-options
nosniff
age
195560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 02:37:29 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:56:09 GMT
x-content-type-options
nosniff
age
50440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:56:09 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 07:35:17 GMT
x-content-type-options
nosniff
age
4892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 07:35:17 GMT
ransomware_shema2.jpg
blog.pradeo.com/hs-fs/hubfs/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.pradeo.com/hs-fs/hubfs/ransomware_shema2.jpg?width=773&name=ransomware_shema2.jpg
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89286821e0fd7d8be18f4bddd3c63a10b847b39247f22c2bfd318846564822b4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-42311138936,P-2378615,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
11580
cf-resized
internal=ok/m q=0 n=903+0 c=3+15 v=2023.9.8 l=11580
last-modified
Tue, 02 Mar 2021 10:29:01 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfCtnxdQ5CUno01oNl8bNU-t1j67V5DDevPoteAuI0DQ:090c77c90fa995b37502e5de40903350"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRz82V3HFv0IwkSHa%2BGCrMYXQzAsTxze3ougbMR5JjdKKt3Vc%2FC9QMUTDzcTfUKTml1Px4uEVAM0TodJlN4WyWKlrjd5IUiU3HlYByCmCKDycuenjP4fHNcnqEhoTWuScgrUPJBji6mv5GOcaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
81565f1a499a916e-FRA
ransomware_shema1.png
blog.pradeo.com/hs-fs/hubfs/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.pradeo.com/hs-fs/hubfs/ransomware_shema1.png?width=773&name=ransomware_shema1.png
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
534be40f85bc6c0533ee859e4649b9b00d75f6ecc184a5d946ad71a6b3aa4bc4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-42310116996,P-2378615,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
19640
cf-resized
internal=ok/m q=0 n=860+0 c=2+28 v=2023.9.8 l=19640
last-modified
Tue, 02 Mar 2021 10:29:01 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfsOdtc4E0KfUBvI2mwQclQyvk67V5DDevPoteAuI0DQ:6aba2d5eb26d39669103a17de9685f25"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAUquiUshRj5TM23BUOG8GqbzGMDnUcZ211h%2BEFXYGvx77yQ74SH2XmarSZbKnC4Cpf63DN7nqMy%2BmBml7rqP9nuwGKXNF4bLf4LDMINfaacR7yivyGheDuToMJrzdpjmfLCyI6Ll77QBjVmpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
81565f1a499d916e-FRA
json
blog.pradeo.com/_hcms/forms/embed/v3/form/2378615/caf050a8-9ff7-4223-8e7a-0bad8656b2b9/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/_hcms/forms/embed/v3/form/2378615/caf050a8-9ff7-4223-8e7a-0bad8656b2b9/json?hs_static_app=forms-embed&hs_static_app_version=1.3938&X-HubSpot-Static-App-Info=forms-embed-1.3938
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fd610136aac526d88534f65e14749358d971f5549c0b9d3cfbb92ef23a458
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-origin-hublet
na1
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
cc8e7a75-be72-4e2c-8e6b-d301f171f280
content-encoding
br
x-envoy-upstream-service-time
16
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
cc8e7a75-be72-4e2c-8e6b-d301f171f280
server
cloudflare
x-trace
2B07F77F92277F8BE5C3C1E2F4EFD7AF3AFABC67EB000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bdtUS0CrBc%2BV9x7Wf6cBDi4xNRYpSfn%2F1x3MhIqHMAN6%2FxV8Hx6HD6KC1OQxHMoxaTLNJ73F6%2FE5O%2FUTwg3YzO%2FEhECF068hfCmPM%2F84Bqk28r4RYWxLJxrz%2FXWNABgnrQLMBacrgyDAsWJxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
81565f1afa3c916e-FRA
access-control-allow-headers
*
x-robots-tag
none
json
blog.pradeo.com/_hcms/forms/embed/v3/form/2378615/caf050a8-9ff7-4223-8e7a-0bad8656b2b9/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/_hcms/forms/embed/v3/form/2378615/caf050a8-9ff7-4223-8e7a-0bad8656b2b9/json?hs_static_app=forms-embed&hs_static_app_version=1.3938&X-HubSpot-Static-App-Info=forms-embed-1.3938
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fd610136aac526d88534f65e14749358d971f5549c0b9d3cfbb92ef23a458
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-origin-hublet
na1
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
34c4e2e1-c35d-445c-a529-607d2ac4a1b4
content-encoding
br
x-envoy-upstream-service-time
21
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
34c4e2e1-c35d-445c-a529-607d2ac4a1b4
server
cloudflare
x-trace
2B02ED85AA63893CD43B05F598944F472DEC0EF6BD000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-x2zdh
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFsa8vXzNqUcDmeBcn3g7wO21DFU2L6rRhDl6tIT1d1b3%2BLATeIKMk%2B8lHrvKTsRP9qaT0hlQCS65NIlPxYfwCzjxDtePbtR%2FmK11Rk3O7Pe5vovjAXoYorXRtQamN92UCNiKXLwmwjCMHQffg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
81565f1b0a42916e-FRA
access-control-allow-headers
*
x-robots-tag
none
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 08:56:49 GMT
Content-Encoding
gzip
Age
240
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (frb/6727)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2378615&callback=jsonpHandler
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
014aa9a1-a5fb-4c7a-88a1-3224b25ede42
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=81565f1b0b8a4d4f&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
014aa9a1-a5fb-4c7a-88a1-3224b25ede42
server
cloudflare
x-trace
2B63B21C95A85B1EF3BB1702C4E245BFA294B6F159000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-wh2kt
x-evy-trace-virtual-host
all
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
81565f1b0b8a4d4f-FRA
postlisting
blog.pradeo.com/_hcms/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/_hcms/postlisting?blogId=4214981702&maxLinks=5&listingType=popular_all_time&orderByViews=true&hs-expires=1728255860&hs-version=2&hs-signature=AJ2IBuFZul7VWAae2qiFIHxwMLp0JaZipg&currentUrl=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa4ead81c51f810f9736a5c1620dce82bb3ce8ecd7b7e65c43e7a9b1829c09d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d712cc4e-e2bd-4e79-8436-9150e21551e3
content-encoding
br
x-envoy-upstream-service-time
24
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d712cc4e-e2bd-4e79-8436-9150e21551e3
last-modified
Fri, 13 Oct 2023 08:56:49 GMT
server
cloudflare
x-trace
2B35D024F618171B54EEBBD0E12844909E3A9F9574000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPR25V%2BF1lTngOFBrk%2BW3x7xj%2FdIdA7iOY6UlveITcm1WqqFmQijhDyet8pD3sjz8MMRmuXcWe8DQ6%2F9P8aVVGuqwr783iZMv3VvDd0qnRAZdGQNueYURMmx3iv1E1ynSbDpMrkaw7Fh1xpzzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/cms-10-19-td/envoy-proxy-5d6cd77679-2jfd2
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
81565f1b2a61916e-FRA
x-robots-tag
none
postlisting
blog.pradeo.com/_hcms/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/_hcms/postlisting?blogId=4214981702&maxLinks=5&listingType=recent&orderByViews=false&hs-expires=1728255860&hs-version=2&hs-signature=AJ2IBuG8F1NCajJpogtWdlqbHMLcQb5fgw&currentUrl=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
913bae30a5889fc883678240ae5a1a95166ef63f71341f384b3ea22ed9f86767
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1fcc069f-cabc-49a4-b005-425631953446
content-encoding
br
x-envoy-upstream-service-time
22
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1fcc069f-cabc-49a4-b005-425631953446
last-modified
Fri, 13 Oct 2023 08:56:49 GMT
server
cloudflare
x-trace
2BBB092837713B149D98811999F2A60DEB00FED352000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGkiE6PNBCo0Wd3OasPotCvJXX%2BHLVt%2BnwNVYYFuyOVsaSYGSA7B8LpAvVp%2BK41lEVLf3yYr4QbHOEqYIlVwzqw2O4xK5pabPgCExFz4zvjvdbTIUDjBXLQ6pHQ9FH7W5C0y97Lp1ryoKzRQOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/cms-10-19-td/envoy-proxy-5d6cd77679-2w6b6
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
81565f1b2a62916e-FRA
x-robots-tag
none
cta-json
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware&pageId=42224642964&pid=2378615&sv=cta-embed-js-static-1.226&utm_medium=email&rdy=1&cos=1&df=t&pg=ad3111b0-9454-41ff-91f4-9eee95b1f08f
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a14b652cd1032bb2fb8c97d2d336eb05a4bc698f6d6f13126dc068dcf8584fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-origin-hublet
na1
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1a383192-d745-4ebc-ab36-4e14a40eeab8
content-encoding
br
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1a383192-d745-4ebc-ab36-4e14a40eeab8
server
cloudflare
x-trace
2B0D7619FE680D5C1DDCF10774871AF1A223C7F859000000000000000000
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.pradeo.com
x-evy-trace-virtual-host
all
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7e5pAmvFvc4aFifgI2n%2BSZiyaufx5NMvOL0Fy9wYHXHle%2FJ9Cpz8MTRO5IWzF%2Fzto1P7QwfhivsIHkMoQF1GahKd5TP44NNaXesponda%2BJVroxOxVNhIVmRAI%2BTgS7MoKiKv8Y0T2f7BNumOyzpapZenC2Px1akLzs%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
81565f1b3bb44d4f-FRA
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/scriptloader/2378615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
MiORZOji2P27E5f3usS102mv5dcg0lYn
via
1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
268
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=8156588f8ab49bca-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
de625faf-0cbd-46aa-9c1c-6cc9414cc4d9
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
de625faf-0cbd-46aa-9c1c-6cc9414cc4d9
last-modified
Tue, 19 Sep 2023 08:21:28 UTC
server
cloudflare
etag
W/"1bce211846e6a6691aa314979e0a21fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-hgw6b
cf-ray
81565f1bdc2790f4-FRA
x-amz-cf-id
WU0PuaMXVx7ttchXsTe1JHkf-8sgeDR-JOGS5XCGtkGDViy6DECPpw==
x-hs-target-asset
adsscriptloaderstatic/static-1.485/bundles/pixels-release.js
2378615.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2378615.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/scriptloader/2378615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea84bf0882f2c7212983240b3f86f38c87370748f9f15683ea6f42e9ff09a04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
xhspovn0hD8nlz9zr8lrpEeZqTxjj0Pq
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
N0BP0HHTJGYGN45D
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
512aa49b-6bc6-4856-9454-25b4fa0461ca
age
106
x-envoy-upstream-service-time
32
x-amz-id-2
u2rBIUX7/t7DWdXy+I5MrZwQikqmqXLX6p1SWfFMHaP0mjKb9Yh6gwB6vW2fXFXXbwScoGWAplGQ7ICZN8i1dMkwcoPjAjLHCbytYJcill0=
x-evy-trace-listener
listener_https
x-request-id
512aa49b-6bc6-4856-9454-25b4fa0461ca
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 13 Sep 2023 14:11:27 GMT
server
cloudflare
etag
W/"b514126d6b20fbdac447cd15c6fb39ec"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.pradeo.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
81565f1bce2965de-FRA
expires
Fri, 13 Oct 2023 09:00:03 GMT
conversations-embed.js
js.usemessages.com/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/scriptloader/2378615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
q7mMdyrgJRb2V1PNW0MT.lJmDYHWhi5r
via
1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
493
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14392/bundles/project.js&cfRay=815653137bfa2c27-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
4464eb2c-c65d-4c18-a95b-2323b4662c5f
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4464eb2c-c65d-4c18-a95b-2323b4662c5f
last-modified
Tue, 10 Oct 2023 02:47:57 UTC
server
cloudflare
etag
W/"8150bb6bff68cbcd9e5f8f6c23b586ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-wh2kt
cf-ray
81565f1bd92c2c42-FRA
x-amz-cf-id
JliTtajHL-aJyQTyhJfH6tfSI_hCt33MPiKe9bc4HQReKdR8LmR9Tg==
x-hs-target-asset
conversations-embed/static-1.14392/bundles/project.js
2378615.js
js.hs-analytics.net/analytics/1697187300000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1697187300000/2378615.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/scriptloader/2378615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c04ca4191215fe0261ddec99ea680e009e5bf234b8e09a7c65da59ccf74235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
5QE7SMC29FCJF3PZ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
1fca1d82-36f3-42aa-a885-4e560b6396b2
x-envoy-upstream-service-time
33
x-amz-id-2
FUPiDcB3tnbeDIX0PdnCLVHiEzMHX+xOtbR80+cLA9eb0RtcrT6iHy2ftlrauIm4OE2w5BpI8BOmYpg14V4Jfg==
x-evy-trace-listener
listener_https
x-request-id
1fca1d82-36f3-42aa-a885-4e560b6396b2
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 12 Oct 2023 14:57:25 GMT
server
cloudflare
etag
W/"b58d41f520fa291d4166a6db96c41a91"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
81565f1bdbc3bb37-FRA
expires
Fri, 13 Oct 2023 09:01:49 GMT
leadflows.js
js.hsleadflows.net/ 		540 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/scriptloader/2378615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Origin
https://blog.pradeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-encoding
br
age
1081
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js&cfRay=815644bb9de43653-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b41828c438dcec976b93ddee1edebd6d"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js
date
Fri, 13 Oct 2023 08:56:49 GMT
x-amz-version-id
w9qtR_oGTBab1H9Wt5L5qiHDqxRKIaLE
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
2e39eeb9-2931-4d56-8459-5e66d99505ee
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-request-id
2e39eeb9-2931-4d56-8459-5e66d99505ee
last-modified
Mon, 04 Sep 2023 12:55:59 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-s4jft
cf-ray
81565f1bd93f373e-FRA
x-amz-cf-id
9Hw2LaWaTobdOge8MExDqmKiWRS6DG027siQK5Vn30vSziKIuEsIvA==
collect
region1.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-728CP3087N&gtm=45je3ab0&_p=53716108&gcs=G100&gdid=dZTQ1Zm&cid=560292978.1697187409&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697187409&sct=1&seg=0&dl=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email&dt=Smartphones%20and%20tablets%20%3A%20An%20open%20door%20to%20ransomwares&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-728CP3087N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 08:56:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.pradeo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 1187 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fblog.pradeo.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
303852
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 08:56:49 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67F2)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
cta-loaded.js
blog.pradeo.com/hs/cta/ctas/v2/public/cs/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2378615&pg=ad3111b0-9454-41ff-91f4-9eee95b1f08f&lt=1697187409026&dt=1697187409027&at=1697187409307&an=1
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-origin-hublet
na1
date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6caec1ce-7383-4909-8fb8-95ac94c2b567
x-envoy-upstream-service-time
6
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
0
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6caec1ce-7383-4909-8fb8-95ac94c2b567
last-modified
Fri, 13 Oct 2023 08:56:49 GMT
server
cloudflare
x-trace
2B7729D0E990ACC8564A772C6390FE2F22CEED86C8000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oritrwK%2Fc%2BsekzCdHDTzg9e0%2FBHSHDl1YtBBccvz8nxQJpaCj4nrA5Imgdq5qjqeQt9EfchCzLuf1ImQIB%2BG4t785emp7wEPxXs1fm1hwRyF01H5DPmMhKVrGPuqxshHRhp%2FUN9bgvWyoEbaLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-x2zdh
x-evy-trace-virtual-host
all
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
cf-ray
81565f1c4ba9916e-FRA
x-robots-tag
noindex, follow
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 08:56:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
5ac1aced-33cf-47dc-8868-d7d781abd4b1
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5ac1aced-33cf-47dc-8868-d7d781abd4b1
Last-Modified
Fri, 13 Oct 2023 08:56:49 GMT
Server
cloudflare
X-Trace
2B61C7A836E32EB445108B79826504CB1CD9ABE594000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-swd7n
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
81565f1cdfe018cf-FRA
911f2f55-c6ff-4b3b-8173-d746aacdf43c.png
f.hubspotusercontent10.net/hubfs/2378615/hub_generated/resized/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.hubspotusercontent10.net/hubfs/2378615/hub_generated/resized/911f2f55-c6ff-4b3b-8173-d746aacdf43c.png
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
864a338345407cb0549ec1c6ef62ac2e4b925427bfa45c08ed11970a504c18f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
fRqhD6CiyjurzRmNy.gh2sPxlaPJX6IR
age
1082
x-amz-cf-pop
FRA56-P7
cf-polished
origFmt=png, origSize=131954
x-amz-request-id
KC10Q95Q3BJ3ZJH5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-disposition
inline; filename="911f2f55-c6ff-4b3b-8173-d746aacdf43c.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
content-length
72598
x-amz-id-2
V1Ob3Bb6DtXN7/2UGLekoUzm8Uh/9efqm0d0HD5JJHUiHHGPPu60GIz8YRlM6+Or0smnYV1RFjYH4K8oBjpSUA==
last-modified
Wed, 27 Jan 2021 10:23:34 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"199f726771a87ae28b169d17bdededd4"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
81565f1cdb4018df-FRA
x-amz-cf-id
YiNUiwuXpJEZqXcYsRqCtL50ZxbCrOxDKPXXScF8FgIy71HHTwkcTw==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 08:56:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
4bb61286-51ec-4ac2-b46d-4311795d55a1
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4bb61286-51ec-4ac2-b46d-4311795d55a1
Last-Modified
Fri, 13 Oct 2023 08:56:49 GMT
Server
cloudflare
X-Trace
2BE5FD51F558262259273C90A3E71E588A0561A43A000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-w68n2
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
81565f1cdfa62c1c-FRA
view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://blog.pradeo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://blog.pradeo.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
81565f1ceb5d901e-FRA
content-length
0
content-type
application/octet-stream
date
Fri, 13 Oct 2023 08:56:49 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
0
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
5f96b419-3dc5-420f-b736-2fa86923ebe7
x-request-id
5f96b419-3dc5-420f-b736-2fa86923ebe7
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/2378615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
70411224-8b86-4c3f-b401-1a1c3bb84dd6
x-envoy-upstream-service-time
20
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
70411224-8b86-4c3f-b401-1a1c3bb84dd6
server
cloudflare
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://blog.pradeo.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary
origin
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
81565f1dcc3c901e-FRA
widget
blog.pradeo.com/_hcms/livechat/ 		488 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.pradeo.com/_hcms/livechat/widget?portalId=2378615&conversations-embed=static-1.14392&mobile=false&messagesUtk=4c29fb94793c4c46b1a18f30c87ad7e8&traceId=4c29fb94793c4c46b1a18f30c87ad7e8
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f76969e02e3d97a3d909bef14eedfe674a67504590454fc2a45e4448ffdf67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ad87b0ff-db0d-46ec-821e-58a76ba58a38
x-envoy-upstream-service-time
10
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ad87b0ff-db0d-46ec-821e-58a76ba58a38
server
cloudflare
x-trace
2B961574100DA2205B602374E06DAABABA9B14D3A1000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-dz5lh
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMvoHbq3Zscb6qCTM2I94Q6CMYD6GvzK3UYqJQHm89r36STVTJfmqaF4B6vVzJz%2BIhOXRD3%2F%2B3p7m26%2Ff4qykHZSQ2SS%2Fd42DfzNRINp8d1oew9nez6henCmK33Mke9AkedHVlbFpKQnuhRWdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
81565f1c7be0916e-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
settings
syndication.twitter.com/ Frame 1187 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=5963ffd12f1ca5dd3ecacc9f834c549c863c15d1
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fblog.pradeo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
104
date
Fri, 13 Oct 2023 08:56:49 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 13 Oct 2023 08:56:49 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
4f9bd9ed65c8116f
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
ec8f24a52fdc88e68c1bf82d8ed67201c1a144f9769049b67dc348567b55b1b8
content-length
337
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 08:56:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
da9c1ad5-95cf-4f5a-8359-2c98f62690c6
x-envoy-upstream-service-time
10
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
da9c1ad5-95cf-4f5a-8359-2c98f62690c6
Server
cloudflare
X-Trace
2B50EE1B627FB85106574B9157FDB956D75F588E0A000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-jt4pd
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
81565f1f4b1a994b-FRA
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: blog.pradeo.com
URL: https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 08:56:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
6d9b7d19-afd0-4d3f-86f2-33e1114266d1
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6d9b7d19-afd0-4d3f-86f2-33e1114266d1
Server
cloudflare
X-Trace
2BCD734C2F8347509288B007206B8016AFBB07CC45000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-97gbm
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
81565f1f4e883a60-FRA
__ptq.gif
track.hubspot.com/ 		45 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857904254&v=1.1&a=2378615&pi=42224642964&ct=blog-post&ccu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware&cpi=42224642964&cgi=4214981702&lpi=42224642964&lvi=42224642964&lvc=en-us&pu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email&t=Smartphones+and+tablets+%3A+An+open+door+to+ransomwares&cts=1697187409966&vi=a074079965002d245153aedd19cee5db&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
62090cb3-18d0-4ca0-9cd6-383bcab27b2c
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
62090cb3-18d0-4ca0-9cd6-383bcab27b2c
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17eIM2%2B64HShcouIyFAbxDRJjgC9P0z22aqdlvIJyz7BL9lo6xAsMi%2Bo5Sif6ia%2FgJFxBHRvoV6WUojE246BpQLAI0qr2wo97XjGiCag9vqcQ5M6yacOVcG0RTQp%2FfVn48LA5yQm9FHxdnnTDeJV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-mxv56
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
81565f2079fb4d4f-FRA
x-robots-tag
none
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
e8e8c520-1450-45b3-98f9-7b12f58431da
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e8e8c520-1450-45b3-98f9-7b12f58431da
last-modified
Fri, 13 Oct 2023 08:56:50 GMT
server
cloudflare
x-trace
2B52EF50853551790BA50CC2482CBD9D36C935F1F8000000000000000000
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-rwf2n
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
81565f20bdf73731-FRA
__ptq.gif
track.hubspot.com/ 		45 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22ad3111b0-9454-41ff-91f4-9eee95b1f08f%22%2C%222c8dcc53-ca95-4ec6-ac2f-2eb48903709b%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857904254&v=1.1&a=2378615&pi=42224642964&ct=blog-post&ccu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware&cpi=42224642964&cgi=4214981702&lpi=42224642964&lvi=42224642964&lvc=en-us&pu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email&t=Smartphones+and+tablets+%3A+An+open+door+to+ransomwares&cts=1697187409969&vi=a074079965002d245153aedd19cee5db&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
807fa122-c681-40a6-8dc5-6f52250f7304
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
807fa122-c681-40a6-8dc5-6f52250f7304
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoP8TBMHn9POwZYUlKktmGXf6M4DDuZIk86%2BGABYjTf3UnsEmCtQz6feZyC7tJHtQ7CQdv2Rl3cwFgWvdeplnwS5KImOB7%2Bp4LKaVfOAsNsgPk2Oywh%2FkJtp6WqZQnxw34XNbytIrEDkLW1Ydj3%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-s2f9n
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
81565f2079f64d4f-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=caf050a8-9ff7-4223-8e7a-0bad8656b2b9&fci=299a6a92-3012-4f43-9d74-d98c7484275a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857904254&v=1.1&a=2378615&pi=42224642964&ct=blog-post&ccu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware&cpi=42224642964&cgi=4214981702&lpi=42224642964&lvi=42224642964&lvc=en-us&pu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email&t=Smartphones+and+tablets+%3A+An+open+door+to+ransomwares&cts=1697187409972&vi=a074079965002d245153aedd19cee5db&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
65b0d0d4-2427-4562-9745-3093b2df5fce
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
65b0d0d4-2427-4562-9745-3093b2df5fce
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWzxA604oYUHAj1WrNOrYLquapuTY4GhdS4GB6kLIp%2BY0kXjWtsswYNiX2Lg5OIsbqHO%2B5PzeeNgz1%2BOFI8eTtWmXPIZUpfqirbWYMYpEP1wXlcA19tF9gzYsR3BDoPsjClAi6ezPT9IPQemu7FS"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-lsbhc
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
81565f207a014d4f-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=caf050a8-9ff7-4223-8e7a-0bad8656b2b9&fci=299a6a92-3012-4f43-9d74-d98c7484275a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857904254&v=1.1&a=2378615&pi=42224642964&ct=blog-post&ccu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware&cpi=42224642964&cgi=4214981702&lpi=42224642964&lvi=42224642964&lvc=en-us&pu=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email&t=Smartphones+and+tablets+%3A+An+open+door+to+ransomwares&cts=1697187409974&vi=a074079965002d245153aedd19cee5db&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:56:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5d5b335d-f7ea-47ba-a8d2-6b60ee72e509
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
16
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5d5b335d-f7ea-47ba-a8d2-6b60ee72e509
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgarcVdfJgwjobh64DKPiJ7oxLts1EKmtz32IJiHFFwqAMrEC3TCNy5zD2zLOacNVP7XQqVwEzJxZZV%2FRnfb1YIxOItRUHGYFl%2Bn%2F9A1aiSaIX%2BekB%2BEaILeNI4rPa0Diuvay8at0z%2FGnWCx3vBp"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-pptkh
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
81565f208a0a4d4f-FRA
x-robots-tag
none
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-728CP3087N&gtm=45je3ab0&_p=53716108&gcs=G100&gdid=dZTQ1Zm&cid=560292978.1697187409&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1697187409&sct=1&seg=1&dl=https%3A%2F%2Fblog.pradeo.com%2Fmobile-security-ransomware%3Futm_medium%3Demail%26_hsmi%3D278111799%26_hsenc%3Dp2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio%26utm_content%3D278111799%26utm_source%3Dhs_email&dt=Smartphones%20and%20tablets%20%3A%20An%20open%20door%20to%20ransomwares&en=page_view&_ee=1&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-728CP3087N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.pradeo.com/mobile-security-ransomware?utm_medium=email&_hsmi=278111799&_hsenc=p2ANqtz-8eQdbTBSxsj-0IsORQ33AggJo7F0jeFmRqqlTcClDW6DHghW1zHklxTLJap_KHIW3c-VeinC6M2YKyqL5yD8G6g_klamdwhUE96rp7uFq-WRRWUio&utm_content=278111799&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 08:56:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.pradeo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| hsjQuery function| gtag object| _hsp object| dataLayer boolean| _hsGoogleConsentRunOnce object| __core-js_shared__ object| Sslac object| IN object| _hsq object| hbspt object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_3985512 function| i18n_getmessage function| i18n_getlanguage undefined| module_31925527217 object| hubspot object| HubSpotForms object| hsFormsOnReady object| hsPostListings function| hsPopulateListingFeed function| hsOnReadyPopulateListingFeed_1739993330_1696719860092 function| hsOnReadyPopulateListingFeed_1159489982_1696719860098 function| jsonpHandler object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| PIXELS_RAN object| enabledEventSettings object| __twttrll object| twttr object| __twttr boolean| _hspb_ran boolean| _hspb_loaded object| ziws boolean| hubspot_live_messages_running object| HubSpotConversations object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime

6 Cookies

Domain/Path Name / Value
.blog.pradeo.com/ Name: __cf_bm
Value: OnxtWJFL2rYS5tFgfFTaauVvaGuMzJCvnXXDFbCdIL8-1697187408-0-AcoAKjjcv9PFOxsf22IpERJFEWi48GhjgMDXs+FPOkXsJb2ZNW7Z+iFZ3AHST3w6on4DOJGjj1ii9R/ur5P4+JE=
.blog.pradeo.com/ Name: __cfruid
Value: fb38c207b4b0600454a342ee98abbbdf2b362a13-1697187408
.hubspot.com/ Name: __cf_bm
Value: mkP.3CN0foa_8FeXKLf2Nezr0bUlUZM2O3mqL3TMLtI-1697187409-0-AcuB9O/1hKzUIhttFCGjc/I2okHN/gnv3L4bVFsrvZsSFaxRaIU3Im+pv1/9rK/Xh09EN4/lQQkeGvx7nCtPrZY=
.ws.zoominfo.com/ Name: visitorId
Value: f0a828085eda96d1c0ace913cb6f81cce0b561c02fa925b83f81814496383dd6
.zoominfo.com/ Name: __cf_bm
Value: TVXPDyMuyJU8KkU8VF07jIEwj38ODVoqDEmeSlNL_IA-1697187409-0-AReeS7tx8aghS6fAtZVMqA1b29uRYi2TXFd9HZyY0kO+JtRRSmskRvIzpOYYZrmpddfgUls7CktvuhlOIqM++Xc=
.zoominfo.com/ Name: _cfuvid
Value: wHWnQn1Anm4k26tfEGt1FnCUZxhbYIrlGPK_ADKsLwA-1697187409287-0-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3067823.fs1.hubspotusercontent-na1.net
app.hubspot.com
avatars.hubspot.net
blog.pradeo.com
cdn2.hubspot.net
cta-service-cms2.hubspot.com
f.hubspotusercontent10.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
no-cache.hubspot.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
region1.google-analytics.com
static.hsappstatic.net
syndication.twitter.com
track.hubspot.com
ws.zoominfo.com
www.googletagmanager.com
104.244.42.72
2001:4860:4802:32::36
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67e1
2606:4700:4400::ac40:9284
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:6ed1
2606:4700::6810:890f
2606:4700::6811:cff9
2606:4700::6811:e4a3
2606:4700::6811:f8a8
2606:4700::6812:4ffd
2606:4700::6812:7b0c
2606:4700::6812:a07d
2606:4700::6812:c07d
2606:4700::6813:9a53
2606:4700::6813:f912
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2008
0207b82347c4b660ae85f31e3d8db808590860caad8aa124fad79e83a9e26646
07203d572b683bdf93cffa784ffa0268e99e5d19ac3a5fd35809e48ba4e05b76
0aebc0ae8f8ad29477300b927572100346977d52275b17d941aec8eb013de929
109d4e6b53fc6ddfe1ff1b962eeddb39e067fb151f065a898db11a2a92523cb1
10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
26c178298625a446421360b74aa4f5cef9edb09ec87eeb1715d0d5ca7454e48c
279817a125934c4629aa278564e64fca0dcb0fdc45f38739e38c9cab297d2a92
2a14b652cd1032bb2fb8c97d2d336eb05a4bc698f6d6f13126dc068dcf8584fd
2e007493890f3c0df363cc5924ce73d598e5b35200fe189f8b03b4b482ccdeca
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3089a512817e0a096709ceeeb27b260267ba4e6240ffe7e3199fa5d8f639c850
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
52f76969e02e3d97a3d909bef14eedfe674a67504590454fc2a45e4448ffdf67
534be40f85bc6c0533ee859e4649b9b00d75f6ecc184a5d946ad71a6b3aa4bc4
61c04ca4191215fe0261ddec99ea680e009e5bf234b8e09a7c65da59ccf74235
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
76f07f3501069f6430960fd6aa9af2e8b9ee3cf41044cdc25d18f8c2950b7945
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
864a338345407cb0549ec1c6ef62ac2e4b925427bfa45c08ed11970a504c18f8
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89286821e0fd7d8be18f4bddd3c63a10b847b39247f22c2bfd318846564822b4
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
913bae30a5889fc883678240ae5a1a95166ef63f71341f384b3ea22ed9f86767
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e
a359de822aa23221feaafd35d63cb804766bcc0f2bbb9e152d7a1a9fbf260057
a4db97eb52ad81fd7ffc1556691bcaf6087e1a04645317baa6c07e25edc83b38
a835950d18dec999a3aa4741f3172c2841cadddc1801c907d3c50b524c41fcf3
aaa4ead81c51f810f9736a5c1620dce82bb3ce8ecd7b7e65c43e7a9b1829c09d
af0430013de6da013d5101a34895e25b5202559bb79950ccce879ea511a8c197
b1d52f04728180feba25c81c41a44dcf093ed4ef603b3ee47c23b9a0baf7d327
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
b63fd610136aac526d88534f65e14749358d971f5549c0b9d3cfbb92ef23a458
c7d2435a17074fcf9d68f3dc278cdcdbaa0591d4dc6df866c6dd1f4b4f57d2ab
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d56743ec90478af9096365a4bec0188284af6030aac0889895139f8a7fb794fb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f62ea39d88b892aeda6480442d454ef8600da13390b6c9dcdb7d9e66295d8b
ea84bf0882f2c7212983240b3f86f38c87370748f9f15683ea6f42e9ff09a04c
ed26067f9c5a06cb1e24b132dccbd1bd04bb0d0b825aba9dd2e9482da67b99eb
f44a0999dce72299487d3cb56bdfbb90e3f82dd9e501d37a82deec19b482d8ad
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2