blog.esper.io Open in urlscan Pro
192.0.78.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Submission: On May 04 via api (May 4th 2022, 6:15:13 pm UTC) from US — Scanned from DE

Summary HTTP 106 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 26 domains to perform 106 HTTP transactions. The main IP is 192.0.78.137, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is blog.esper.io.
TLS certificate: Issued by R3 on March 23rd 2022. Valid for: 3 months.

This is the only time blog.esper.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	192.0.78.137 192.0.78.137	2635 (AUTOMATTIC) (AUTOMATTIC)
26	2600:9000:205... 2600:9000:2057:8000:12:7b21:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
6	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	108.157.4.83 108.157.4.83	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	35.81.67.28 35.81.67.28	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.121.54 13.32.121.54	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.45 108.157.4.45	16509 (AMAZON-02) (AMAZON-02)
14	2600:9000:225... 2600:9000:225f:dc00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.247.147.99 34.247.147.99	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.48 18.66.192.48	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
106	38

5 192.0.78.137 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.esper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:2057:8000:12:7b21:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.blog.esper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-83.dus51.r.cloudfront.net

global.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.67.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-67-28.us-west-2.compute.amazonaws.com

esper.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

blog-esper-io.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-54.fra60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:225f:dc00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.147.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-147-99.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-48.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	esper.io blog.esper.io www.blog.esper.io	506 KB
15	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 3919 a.disquscdn.com — Cisco Umbrella Rank: 8470	526 KB
11	wp.com c0.wp.com — Cisco Umbrella Rank: 7326 s0.wp.com — Cisco Umbrella Rank: 7196 stats.wp.com — Cisco Umbrella Rank: 3177 pixel.wp.com — Cisco Umbrella Rank: 2695 i0.wp.com — Cisco Umbrella Rank: 3393	75 KB
7	gstatic.com fonts.gstatic.com	120 KB
7	disqus.com blog-esper-io.disqus.com disqus.com — Cisco Umbrella Rank: 2981 referrer.disqus.com — Cisco Umbrella Rank: 6030	65 KB
4	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 5463 track.hubspot.com — Cisco Umbrella Rank: 4194	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 920 script.hotjar.com — Cisco Umbrella Rank: 1202 vars.hotjar.com — Cisco Umbrella Rank: 1251 in.hotjar.com — Cisco Umbrella Rank: 2229	66 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7740	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3632	565 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 20	642 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	2 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 401	17 KB
2	okta.com esper.okta.com	2 KB
2	oktacdn.com global.oktacdn.com — Cisco Umbrella Rank: 30109	419 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	56 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 6143	906 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3009	256 B
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 8436	25 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4062	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4045	16 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5887	3 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2382	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4381	990 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 11255	147 KB
106	26

	Domain	Requested by
26	www.blog.esper.io	blog.esper.io www.blog.esper.io
14	c.disquscdn.com	blog-esper-io.disqus.com disqus.com c.disquscdn.com
7	fonts.gstatic.com	fonts.googleapis.com
6	c0.wp.com	blog.esper.io
5	blog.esper.io	blog.esper.io
4	disqus.com	blog-esper-io.disqus.com c.disquscdn.com
3	track.hubspot.com
3	forms.hsforms.com	js.hsforms.net blog.esper.io
3	fonts.googleapis.com	blog.esper.io
2	www.google.de	blog.esper.io
2	www.google.com	1 redirects
2	pixel.wp.com	blog.esper.io
2	ssl.google-analytics.com	1 redirects blog.esper.io
2	blog-esper-io.disqus.com	blog.esper.io www.blog.esper.io
2	esper.okta.com	global.oktacdn.com
2	global.oktacdn.com	blog.esper.io
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	js.hsadspixel.net
1	api.hubapi.com	js.hsadspixel.net
1	referrer.disqus.com	blog.esper.io
1	a.disquscdn.com	blog.esper.io
1	forms.hubspot.com	js.hscollectedforms.net
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	1 redirects
1	secure.gravatar.com	blog.esper.io
1	i0.wp.com	blog.esper.io
1	static.hotjar.com	blog.esper.io
1	stats.wp.com	blog.esper.io
1	js.hs-scripts.com	blog.esper.io
1	s0.wp.com	blog.esper.io
1	js.hsforms.net	blog.esper.io
106	39

This site contains links to these domains. Also see Links.

Domain
www.esper.io
esper.io
twitter.com
facebook.com
www.linkedin.com
www.blog.esper.io
developer.android.com
support.google.com
cs.android.com
www.prodaft.com
blog.fox-it.com
www.threatfabric.com
www.bleepingcomputer.com
research.checkpoint.com
www.riscure.com
www.xda-developers.com
www.engadget.com
forum.xda-developers.com
www.shutterstock.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
www.blog.esper.io Amazon	`2022-03-17` - `2023-04-15`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.okta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Frame ID: 7E141C70542DE45822BF34A02C3B62A6
Requests: 88 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 8F76D1FE3FF3385326127A19EF9476B4
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
Frame ID: F84DCAACD43760B7DD01C09E0D4A1378
Requests: 15 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 0A3C99D966B7D8F8FC22B92976394261
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 09AD18D3B1FCB8548EAC1412FBA31D8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Android 13's sideloading restriction makes it harder for malware to abuse Accessibility APIs

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

106
Requests

98 %
HTTPS

55 %
IPv6

26
Domains

39
Subdomains

38
IPs

4
Countries

2094 kB
Transfer

6094 kB
Size

19
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.esper.io/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://esper.io/signup
Title: Sign up for Esper

Search URL Search Domain Scan URL

URL: https://www.esper.io/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&text=Android%2013%20has%20a%20new%20security%20feature%20that%20blocks%20accessibility%20services%20for%20sideloaded%20apps%2C%20making%20it%20harder%20for%20malware%20to%20steal%20data.

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F

Search URL Search Domain Scan URL

URL: https://www.blog.esper.io/android-13-deep-dive/
Title: in Android 13

Search URL Search Domain Scan URL

URL: https://developer.android.com/guide/topics/ui/accessibility
Title: build apps with accessibility in mind

Search URL Search Domain Scan URL

URL: https://developer.android.com/reference/android/accessibilityservice/AccessibilityService
Title: accessibility service

Search URL Search Domain Scan URL

URL: https://developer.android.com/reference/android/view/accessibility/AccessibilityEvent
Title: certain events

Search URL Search Domain Scan URL

URL: https://support.google.com/accessibility/android/answer/6007100
Title: TalkBack

Search URL Search Domain Scan URL

URL: https://support.google.com/accessibility/android/answer/6301490
Title: Switch Access

Search URL Search Domain Scan URL

URL: https://cs.android.com/android/platform/superproject/+/master:frameworks/base/core/res/res/values/strings.xml;l=4687?q=%22to%20have%20full%20control%20of%22
Title: are warned

Search URL Search Domain Scan URL

URL: https://www.prodaft.com/m/reports/FluBot_4.pdf
Title: FluBot

Search URL Search Domain Scan URL

URL: https://twitter.com/LukasStefanko/status/1373212991903125506
Title: texted users

Search URL Search Domain Scan URL

URL: https://blog.fox-it.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/
Title: SharkBot

Search URL Search Domain Scan URL

URL: https://www.threatfabric.com/blogs/xenomorph-a-newly-hatched-banking-trojan.html
Title: Xenomorph

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/bianlian-android-banking-trojan-upgraded-with-screen-recorder/
Title: BianLian

Search URL Search Domain Scan URL

URL: https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
Title: S.O.V.A

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/
Title: PixStealer

Search URL Search Domain Scan URL

URL: https://www.threatfabric.com/blogs/vultur-v-for-vnc.html
Title: Vultur

Search URL Search Domain Scan URL

URL: https://twitter.com/LukasStefanko/status/1498958659174514691
Title: TeaBot

Search URL Search Domain Scan URL

URL: https://twitter.com/linuxct
Title: Sergio Castell

Search URL Search Domain Scan URL

URL: https://www.riscure.com/
Title: Riscure

Search URL Search Domain Scan URL

URL: https://www.xda-developers.com/google-threatening-removal-accessibility-services-play-store/
Title: sent an email to developers

Search URL Search Domain Scan URL

URL: https://www.engadget.com/2017-12-08-google-pauses-crackdown-apps-accessibility-features.html
Title: backed off

Search URL Search Domain Scan URL

URL: https://developer.android.com/guide/topics/text/autofill
Title: Android’s purpose-built APIs

Search URL Search Domain Scan URL

URL: https://support.google.com/googleplay/android-developer/answer/10964491
Title: a new set of requirements

Search URL Search Domain Scan URL

URL: https://developer.android.com/reference/android/accessibilityservice/AccessibilityServiceInfo#isAccessibilityTool()
Title: an accessibility tool

Search URL Search Domain Scan URL

URL: https://forum.xda-developers.com/t/check-access-settings-accessibility-usage-notifications.4368455/
Title: will surface

Search URL Search Domain Scan URL

URL: https://cs.android.com/android/_/android/platform/frameworks/base/+/b98a658c27725fc0dd74a7e302a90dfc95f867f8
Title: shown 24 hours

Search URL Search Domain Scan URL

URL: https://cs.android.com/android/platform/superproject/+/master:frameworks/base/services/accessibility/java/com/android/server/accessibility/AccessibilitySecurityPolicy.java;l=673?q=%22install%20source%22
Title: hasn’t been

Search URL Search Domain Scan URL

URL: https://developer.android.com/reference/android/content/pm/PackageInstaller.Session
Title: session-based package installation API

Search URL Search Domain Scan URL

URL: https://cs.android.com/android/platform/superproject/+/master:frameworks/base/packages/PackageInstaller/AndroidManifest.xml;l=40?q=InstallStart
Title: responds to intents

Search URL Search Domain Scan URL

URL: https://developer.android.com/reference/android/service/notification/NotificationListenerService
Title: notification listener

Search URL Search Domain Scan URL

URL: https://www.shutterstock.com/image-photo/september-4-2021-brazil-this-photo-2035714925
Title: rafapress/Shutterstock.com

Search URL Search Domain Scan URL

URL: https://esper.io/privacy-policy
Title: Esper's Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1821218795&utmhn=blog.esper.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Android%2013%27s%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&utmhid=1378869155&utmr=-&utmp=%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&utmht=1651688108350&utmac=UA-141392027-1&utmcc=__utma%3D198968316.647336019.1651688108.1651688108.1651688108.1%3B%2B__utmz%3D198968316.1651688108.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1262863227&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795&slf_rd=1&random=3470263845

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/ 114 KB
24 KB 1514ms
1343ms Document
text/html 192.0.78.137
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.137 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

723a65a87d784184c987d808633b0371b282c5857081634e016158a6cadda2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:15:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: WordPress.com
link: <https://blog.esper.io/wp-json/>; rel="https://api.w.org/" <https://blog.esper.io/wp-json/wp/v2/posts/8296>; rel="alternate"; type="application/json" <https://blog.esper.io/?p=8296>; rel=shortlink
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.hhn _atomic_ams
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-pingback: https://blog.esper.io/xmlrpc.php

GET
H2 200 style.css
www.blog.esper.io/wp-content/plugins/gutenberg/build/block-library/ 88 KB
12 KB 207ms
25ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/gutenberg/build/block-library/style.css?ver=13.1.0

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e2a9f98f31d7d2b081b530550195397698154d8fd67f37b8077eba05c0c4bb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 18:45:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 84571
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Wed, 27 Apr 2022 23:40:44 GMT
server: nginx
etag: W/"6269d47c-160a3"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: iDGFp7GyqA-6N55kbVyOtrJwv4PE0mNLn3za0fVYOjtWwLs7qcXA0A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 11 KB
3 KB 197ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:07 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 04 May 2023 18:15:07 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 4 KB
1 KB 197ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:07 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 04 May 2023 18:15:07 GMT

GET
H2 200 amazonpolly-public.css
www.blog.esper.io/wp-content/plugins/amazon-polly/public/css/ 1 KB
834 B 204ms
23ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/amazon-polly/public/css/amazonpolly-public.css?ver=1.0.0

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e5166861862f7dca0bae810d00a45407760215b70b90696b74b485e27938948d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:39:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4185365
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Thu, 17 Mar 2022 05:46:06 GMT
server: nginx
etag: W/"6232cb1e-417"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: URKm5ye7_mHaL5r17b-69zM1PhaLQ_ItRelS2TisLwhCCzWaE8O9Ag==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.blog.esper.io/wp-content/themes/gillion/ 271 KB
47 KB 223ms
42ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/style.css?ver=8.0

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21bfa39adac6fd7a27bc8a5b1a8acfab229af1da017a5be1e20ab42d5144feea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 00:05:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1361369
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Fri, 25 Feb 2022 06:25:33 GMT
server: nginx
etag: W/"6218765d-43b72"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: ry_uOR1ndv-DoOxufq7mBSNKGq2nTM1VDtAOe1miQZy1-OfLGABSaQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
www.blog.esper.io/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/ 30 KB
7 KB 208ms
27ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.26

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:28:35 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 629192
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Fri, 18 Feb 2022 20:23:01 GMT
server: nginx
etag: W/"62100025-7918"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: TpXw7Vn943kXZWFCaUNkAwqrp0GomU44fFgJ8xIisLTD6aUtn-H-IQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 212ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11330a3a18608bcf177f27e819530627b39a8fc6b2d08733c16c6a4717e382f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.esper.io/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 18:15:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:15:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:15:07 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 bootstrap.min.css
www.blog.esper.io/wp-content/themes/gillion/css/plugins/ 118 KB
20 KB 237ms
57ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:39:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4185365
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: W/"5cdd27a6-1d975"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: eAXocqnGVkUN3jkCiFfy8lbm2XTYQ_srvTkgdG3l-aejos80mmfg3w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.css
www.blog.esper.io/wp-content/themes/gillion/css/ 76 KB
14 KB 243ms
62ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/css/plugins.css?ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bd2627a04f12a741911cd403cc8b1386a3a57bd760d3808f81c32df1c1d994e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 00:05:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1361369
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: W/"5cdd27a6-1302b"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: s1xE4RgIQy6crFXfC5qeXMqwThfOlKuyhn00bttWXmoawRRVZ6vB7Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.blog.esper.io/wp-content/themes/gillion/ 271 KB
47 KB 266ms
86ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/style.css?ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21bfa39adac6fd7a27bc8a5b1a8acfab229af1da017a5be1e20ab42d5144feea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:14:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1386058
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Fri, 25 Feb 2022 06:25:33 GMT
server: nginx
etag: W/"6218765d-43b72"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: JbYFzV-ZDDyrhhMnUDjUTkdkmTFxNCXl0hijoKDbrBwb2XcM3-ZheA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
www.blog.esper.io/wp-content/themes/gillion/css/ 4 KB
1 KB 243ms
63ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/css/responsive.css?ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

56d1d9c225937fdd1f4ce3584a05346febf1e5321777bfab6b281c44c5db5e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 06:58:57 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1422970
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: W/"5cdd27a6-f85"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: 28vSkgHKx7tb3QkHOZTZEPt3TqW8a7ppXTivDA_PtgQfAJQ1zbSDnA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gillion-dynamic-styles.css
www.blog.esper.io/wp-content/uploads/ 11 KB
3 KB 208ms
28ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/uploads/gillion-dynamic-styles.css?ver=689425959

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

575c326ff6431fe44f94cb7f0ceee19d4592c6e09e0a14a3fd6508b46d82fa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 10:58:12 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 26215
x-cache: Hit from cloudfront
x-ac: 2.hhn _atomic_ams
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 10:57:04 GMT
server: nginx
etag: W/"62725c00-2c2a"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: cIRDUKcSHGafa7qzz1H8VSK9z6723_3LgQJnk0RPEv-DYemiMB0uCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 212ms
32ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

840a78b0d620229e5e63b7e26068ff3ecd7f314f1972534f6641bc2fc6168846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.esper.io/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 18:15:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:15:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:15:07 GMT

GET
H2 200 custom-158.css
www.blog.esper.io/wp-content/plugins/waspthemes-yellow-pencil/ 12 KB
3 KB 237ms
58ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/waspthemes-yellow-pencil/custom-158.css?revision=158&ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f685b176dc02f6e359f89e1d2d96d4f8b3be0585f09051afff2e598c4cd09296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 23:46:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2485736
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 22 Feb 2022 04:22:21 GMT
server: nginx
etag: W/"621464fd-30ee"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: gXqh61s_P3fsZCXp20EOOFl2desi-PB0amBggs_oEwL9x2g9MeTpyA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jetpack.css
www.blog.esper.io/wp-content/plugins/jetpack/css/ 84 KB
17 KB 252ms
72ms Stylesheet
text/css 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9-beta2

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 13:24:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 535809
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 12 Apr 2022 17:20:54 GMT
server: nginx
etag: W/"6255b4f6-151d1"
strict-transport-security: max-age=31536000
content-type: text/css
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: HttffCPs4CyZLU0DIZmzvU3HKZ_BwcMOwiMaE3-28VIOgP4aiEfN6g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 videopress-token-bridge.js Show response
www.blog.esper.io/wp-content/plugins/jetpack/modules/videopress/js/ 1 KB
936 B 243ms
63ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/jetpack/modules/videopress/js/videopress-token-bridge.js?ver=6

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b85ee094553ce0149f659a0218a9085df755924b32ca35ee5f42245ab0cd8b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 16:15:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1821589
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 12 Apr 2022 17:20:54 GMT
server: nginx
etag: W/"6255b4f6-49c"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: OzDgwB2VpZt7zOieenDt6enJ3Ashy7i3H2liVKdpOW6VpXKcISuDxQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 87 KB
30 KB 195ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:07 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 04 May 2023 18:15:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 11 KB
4 KB 195ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:07 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 04 May 2023 18:15:07 GMT

GET
H2 200 amazonpolly-public.js Show response
www.blog.esper.io/wp-content/plugins/amazon-polly/public/js/ 210 B
630 B 252ms
73ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/amazon-polly/public/js/amazonpolly-public.js?ver=1.0.0

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d28401c309de2ee15d69288f6d8a89bba4a5491d094aca5822a2e7033d5b40a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 23:17:37 GMT
x-ac: 2.hhn _atomic_ams
age: 1364250
x-cache: Hit from cloudfront
content-length: 210
last-modified: Thu, 17 Mar 2022 05:46:06 GMT
server: nginx
etag: "6232cb1e-d2"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: ef9gJcyVfAwoJeCDoKKt4dAj-7Xd9t2LpdKgkCioF3YBw-NVeYdPxw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lar-public.js Show response
www.blog.esper.io/wp-content/plugins/links-auto-replacer/public/js/ 815 B
893 B 251ms
73ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/links-auto-replacer/public/js/lar-public.js?ver=2.0.0

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0d17fc85d22eb1f6c056ea79c018062eda0f312350c68c836364dc082b9a06bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:39:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4185365
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Wed, 19 Jan 2022 11:07:01 GMT
server: nginx
etag: W/"61e7f0d5-32f"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: dBk4YoY2XEyJNx4b6dkcFByvqYW3yfzTefHHy9yEWsi7RLdscIKjTw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.js Show response
www.blog.esper.io/wp-content/themes/gillion/js/ 285 KB
74 KB 253ms
75ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/js/plugins.js?ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8bca515ba642c6c9c88eacc51f46a408534acd5fd6592970929503bd59d779bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 00:05:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1361369
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: W/"5cdd27a6-474fd"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: Vd9YJLYKXTYv1oYW5VWDv-l40y05QJjfglYceGTh3w_d2KY-eNMiVg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
www.blog.esper.io/wp-content/themes/gillion/js/ 57 KB
12 KB 242ms
64ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/js/scripts.js?ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

005862b71091d0daf9e4d0427064e0532c0492791310d4f7afc3fca7126c62fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:13:51 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1386076
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Fri, 08 Apr 2022 09:24:37 GMT
server: nginx
etag: W/"624fff55-e2ce"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: XUdu30Wq7k8XHhsKoSRpbcZhaXbZGvrUVkNsr5ePEWkzI2nKr_3kMQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 okta-sign-in.min.js Show response
global.oktacdn.com/okta-signin-widget/5.12.0/js/ 1 MB
390 KB 221ms
43ms Script
application/x-javascript 108.157.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.12.0/js/okta-sign-in.min.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-83.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6b6e00dd9941d4194ca76d49548d81c02b55984c571590e91ac27e8420ac3fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: t3W88AgAd7gj5a2ucJstCnHE3z.qk.S3
content-encoding: gzip
x-content-type-options: nosniff
age: 44053
x-cache: Hit from cloudfront
date: Wed, 04 May 2022 06:00:55 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 17:04:31 GMT
server: AmazonS3
etag: W/"ef4b25c4dba03d4a7f116ee12b9082e4"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: QvsOn20etILwfU9wADkmpMi-l-e3QO5ajKQnB0yWykMu90IcLiPJ-Q==

GET
H2 200 okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/5.12.0/css/ 207 KB
30 KB 205ms
28ms Stylesheet
text/css 108.157.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.12.0/css/okta-sign-in.min.css

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-83.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

89a4dc985f4858672e2e9433d0449a7c2ae4f9162542f6afb9dae7099755cf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: nL4XvYaC7isRTtED6XtujHDcu1Lj.LoG
content-encoding: gzip
x-content-type-options: nosniff
age: 44053
x-cache: Hit from cloudfront
date: Wed, 04 May 2022 06:00:55 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 17:04:30 GMT
server: AmazonS3
etag: W/"f1b166d193b06b54e58748cd5581dd7e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: e2XR2fLCZHE5h6Ga5yokV2OXAm5n1vcr3sedLKNvaKA48_taDcFzNg==

GET
H2 200 /
blog.esper.io/ 4 KB
1 KB 195ms
194ms Stylesheet
text/css 192.0.78.137
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.esper.io/?custom-css=f3e607a93f

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.137 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

72fd337686c399b982d31c82d9f5a599eb9b8981bfa3e85a18f5575f6e800d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nananana: Batcache-Hit
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 04 May 2022 18:10:10 GMT
server: nginx
date: Wed, 04 May 2022 18:15:07 GMT
vary: Accept-Encoding, Cookie
content-type: text/css;charset=utf-8
pragma: no-cache
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
cache-control: no-store, no-cache, must-revalidate
x-ac: 2.hhn _atomic_ams
host-header: WordPress.com
expires: Thu, 04 May 2023 18:10:10 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 219ms
42ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700&display=swap

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5228615fc416ae4512d7a501cebc538e2bc8f498260ef5e22c489e8ae3e036da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 18:03:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:15:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:15:07 GMT

GET
H2 200 esper-logo.png
blog.esper.io/wp-content/uploads/2019/05/ 2 KB
2 KB 188ms
186ms Image
image/png 192.0.78.137
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.esper.io/wp-content/uploads/2019/05/esper-logo.png

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.137 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

43ca8e2979ec99dec4c67ac8dffd3c4f696c7b665b038a0d37b54cd354ada4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 23 Dec 2021 12:33:40 GMT
server: nginx
etag: "61c46ca4-781"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1921
expires: Wed, 11 May 2022 18:15:08 GMT

GET
H2 200 Esper-logo.png
blog.esper.io/wp-content/uploads/2022/02/ 3 KB
3 KB 349ms
347ms Image
image/png 192.0.78.137
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.esper.io/wp-content/uploads/2022/02/Esper-logo.png

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.137 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5f31e39892dac40a8991c60792ac59d7e53424bcd471606b6808359ccaed2d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Wed, 23 Feb 2022 06:35:14 GMT
server: nginx
etag: "6215d5a2-c4e"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3150
expires: Wed, 11 May 2022 18:15:08 GMT

GET
H2 200 318x138.jpg
blog.esper.io/wp-content/uploads/2022/02/ 30 KB
30 KB 219ms
217ms Image
image/jpeg 192.0.78.137
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.esper.io/wp-content/uploads/2022/02/318x138.jpg

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.137 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb5ce5ab5fa8ab82b7843775ab28759197a458286106c541683faf704774bdf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Tue, 08 Feb 2022 08:39:26 GMT
server: nginx
etag: "62022c3e-760a"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30218
expires: Wed, 11 May 2022 18:15:08 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 83ms
41ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1201a7ade8b583fd9855901caec83fb98deae7c63cb5422c710eb89c371a53e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:07 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 475
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 May 2022 07:34:38 UTC
server: cloudflare
etag: W/"7fc363e633af7991a55db0edb86a2389"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKHEESL896w1IGdgvR2sqxh2%2B9%2BHj6DRGTKAoGdlxBD4PwzldlFeqHRYF9mx4SQksTutkSXAYEthEzLx8eeKyDhVK0%2FFHz7b6h8IKbxqF4DH1C0uCAYAdryERX%2FCCSfkUWLh8OV3Px%2BQLPpz"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: MZx47VT54ZncxhCATHluUTqB0LVHatTh
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 706338523b74913a-FRA
x-amz-cf-id: yXHZBQEoSJsxpZkrXAPSJRqJFKKxudJz84UwKnP8q7h_V7tIujFw2Q==
x-hs-target-asset: FormsNext/static-5.486/bundles/project_with_deps.js

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 6 KB
2 KB 70ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202218
Requested by: Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
server: nginx
etag: W/"6246db7c-16da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 2.hhn _dfw
timing-allow-origin: *
expires: Tue, 02 May 2023 00:00:00 GMT

GET
H2 200 photon.min.js Show response
www.blog.esper.io/wp-content/plugins/jetpack/_inc/build/photon/ 685 B
807 B 22ms
22ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:49:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2568361
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
server: nginx
etag: W/"61af9250-2ad"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: pgYHodlZfQy9I69HeTEmR7JSGjojfof8U1u_zrWphOMigoqKZ8vftw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment_count.js Show response
www.blog.esper.io/wp-content/plugins/disqus-comment-system/public/js/ 889 B
877 B 22ms
20ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 06:35:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2720391
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Fri, 17 Dec 2021 05:02:56 GMT
server: nginx
etag: W/"61bc1a00-379"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: XR3cjc3WQQVd709uv2_xq4vpBE0uh41z1mwcarEWAOiJBbKDQvOgtA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5868902.js Show response
js.hs-scripts.com/ 2 KB
990 B 480ms
424ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5868902.js?integration=WordPress&ver=8.11.11
Requested by: Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3947dfc0490d874261b07b9eb9e85355067292c1d2be1915d42e51b378bd9ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 56f07943-f384-47ac-b7bb-5d40466f2354
last-modified: Wed, 04 May 2022 18:08:43 GMT
server: cloudflare
x-trace: 2B0B31333BB963C2B2052DE408D243755B7EB87FA5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.esper.io
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 70633853ab5090d4-FRA
expires: Wed, 04 May 2022 18:16:08 GMT

GET
H2 200 anchorific.js Show response
www.blog.esper.io/wp-content/plugins/shortcode-toc/assets/vendor/js/ 6 KB
3 KB 24ms
21ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/shortcode-toc/assets/vendor/js/anchorific.js?ver=1.0.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0be397c5050211db63a3f5b8f412e3eb75bf4e9836729c92f419dbb3843d5231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:39:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4185366
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Wed, 03 Jul 2019 18:22:47 GMT
server: nginx
etag: W/"5d1cf277-176a"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: rBSaRYbX_8wdqRYQa1XhUplKtmY4BWDLjICxC0i74YBZjaUj3ww3Xw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intersection-observer.js Show response
www.blog.esper.io/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 24ms
22ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=b5fe079abfcad78b7237774a0b3115aa

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 05:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 131380
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 14 Dec 2021 19:26:02 GMT
server: nginx
etag: W/"61b8efca-2317"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: 3r-YiHJR5i4yF8JZR5w2CPompQG_3EtDySxD6Cn_2BQBcigMx1fREg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy-images.js Show response
www.blog.esper.io/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 25ms
22ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=567470f2f8d6d97f1a9cb9b77b0e503c

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 05:45:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 131381
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 14 Dec 2021 19:26:02 GMT
server: nginx
etag: W/"61b8efca-925"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: hSYfFLKNDFtCVRFq25NbFCQ5YWcxyl6aDDfRDA_TlI6dNUmcFdOamQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 effect.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/ 17 KB
6 KB 22ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/effect.min.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 04 May 2023 18:15:08 GMT

GET
H2 200 bootstrap.min.js Show response
www.blog.esper.io/wp-content/themes/gillion/js/plugins/ 36 KB
10 KB 25ms
23ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/js/plugins/bootstrap.min.js?ver=3.3.4

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 06:58:57 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1422971
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: W/"5cdd27a6-90bb"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: smnYQ5CjAdWBsAfdTB_SY7vKGeOEhtvTH7fU0qbpfA985PefmsG5pw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/ 3 KB
1 KB 22ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/comment-reply.min.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 21:47:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 04 May 2023 18:15:08 GMT

GET
H2 200 e-202218.js Show response
stats.wp.com/ 9 KB
3 KB 70ms
20ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202218.js
Requested by: Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 23 Apr 2023 19:07:03 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.blog.esper.io/wp-includes/js/ 18 KB
5 KB 23ms
22ms Script
application/javascript 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 06:17:50 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1425438
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: W/"60bfebf0-4705"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
x-amz-cf-id: -h5LYS6foXUoljyHGxrhaBwIth0O752wnSgrQAJToHkFD4BVb0hgQg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 me
esper.okta.com/api/v1/sessions/ Frame 0
0 644ms
204ms Preflight 35.81.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esper.okta.com/api/v1/sessions/me

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.67.28 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-67-28.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' esper.okta.com .oktacdn.com; connect-src 'self' esper.okta.com esper-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com esper.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' esper.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' esper.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' esper.okta.com esper-admin.okta.com login.okta.com; img-src 'self' esper.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' esper.okta.com data: .oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://blog.esper.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://blog.esper.io
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-length: 0
content-security-policy: default-src 'self' esper.okta.com *.oktacdn.com; connect-src 'self' esper.okta.com esper-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com esper.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' esper.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' esper.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' esper.okta.com esper-admin.okta.com login.okta.com; img-src 'self' esper.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' esper.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' esper.okta.com *.oktacdn.com; connect-src 'self' esper.okta.com esper-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com esper.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' esper.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' esper.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' esper.okta.com esper-admin.okta.com login.okta.com; img-src 'self' esper.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' esper.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date: Wed, 04 May 2022 18:15:08 GMT
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: YnLCrFuZPfPZGyNQU7YziQAAA9E
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9995
x-rate-limit-reset: 1651688122
x-xss-protection: 0

GET
H2 404 me Show response
esper.okta.com/api/v1/sessions/ 168 B
2 KB 584ms
210ms Fetch
application/json 35.81.67.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esper.okta.com/api/v1/sessions/me

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.12.0/js/okta-sign-in.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.67.28 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-67-28.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a1e35120a572decb1f41f4768564115b3758f96aeedb71fd12ce7d3ff9c0e90f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' esper.okta.com .oktacdn.com; connect-src 'self' esper.okta.com esper-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com esper.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' esper.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' esper.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' esper.okta.com esper-admin.okta.com login.okta.com; img-src 'self' esper.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' esper.okta.com data: .oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://blog.esper.io/
X-Okta-User-Agent-Extended: okta-signin-widget-5.12.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: YnLCra@X6LJgzP6OSCTYRgAACqg
date: Wed, 04 May 2022 18:15:09 GMT
content-encoding: gzip
x-rate-limit-limit: 750
x-rate-limit-remaining: 745
content-security-policy-report-only: default-src 'self' esper.okta.com *.oktacdn.com; connect-src 'self' esper.okta.com esper-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com esper.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' esper.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' esper.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' esper.okta.com esper-admin.okta.com login.okta.com; img-src 'self' esper.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' esper.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p: CP="HONK"
vary: Accept-Encoding,Origin
x-xss-protection: 0
pragma: no-cache
server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: https://blog.esper.io
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-rate-limit-reset: 1651688123
content-security-policy: default-src 'self' esper.okta.com *.oktacdn.com; connect-src 'self' esper.okta.com esper-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com esper.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' esper.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' esper.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com; frame-src 'self' esper.okta.com esper-admin.okta.com login.okta.com; img-src 'self' esper.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com data: blob:; font-src 'self' esper.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
content-type: application/json
access-control-allow-headers: Content-Type
x-content-type-options: nosniff
expires: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/5868902/8f08dcc1-7522-4b9c-bcf0-51ed75c55cf3/ Frame 0
0 190ms
147ms Preflight
text/plain 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5868902/8f08dcc1-7522-4b9c-bcf0-51ed75c55cf3/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://blog.esper.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://blog.esper.io
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 70633853c8029b76-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 04 May 2022 18:15:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: dbdf42d4-c35e-4d18-8efe-926a67372b95
x-robots-tag: none
x-trace: 2BF47EBB1A218A4F445F22CFF1F75664811E372720000000000000000000

GET
H/1.1 200
OK embed.js Show response
blog-esper-io.disqus.com/ 78 KB
25 KB 256ms
182ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blog-esper-io.disqus.com/embed.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

666cb5b84a7781730c4ca054dabbdc55d1657c72cc950ba074c36a187d6b8a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:15:08 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25428
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/5868902/8f08dcc1-7522-4b9c-bcf0-51ed75c55cf3/ 3 KB
1 KB 174ms
174ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5868902/8f08dcc1-7522-4b9c-bcf0-51ed75c55cf3/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a25035bb51e52305be96d7192d2df96d899fed862cfd4e5fdf661ed68d9c9827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://blog.esper.io/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 4970d1e4-d951-41ba-b0ee-a80d19956e0e
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B6D682151DF38BC6DAC677871484719DF4069A7C1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.esper.io
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 70633854ba379b76-FRA
access-control-allow-headers: *

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v11/ 16 KB
17 KB 122ms
71ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:37:58 GMT
x-content-type-options: nosniff
age: 599830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 19:37:58 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v11/ 17 KB
17 KB 126ms
76ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:37:59 GMT
x-content-type-options: nosniff
age: 599829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 19:37:59 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v11/ 17 KB
17 KB 115ms
65ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 20:06:10 GMT
x-content-type-options: nosniff
age: 598138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17112
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 20:06:10 GMT

GET
H2 200 Simple-Line-Icons.ttf
www.blog.esper.io/wp-content/themes/gillion/fonts/ 52 KB
31 KB 77ms
27ms Font
application/font-ttf 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/fonts/Simple-Line-Icons.ttf?v=2.2.2

Requested by

Host: www.blog.esper.io
URL: https://www.blog.esper.io/wp-content/themes/gillion/css/plugins.css?ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

937e59152189ecedb8688efcd8b927fc40d43b5c5225a05a25f4cf537ad8ca7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.blog.esper.io/wp-content/themes/gillion/css/plugins.css?ver=5.9.3
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:49:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2568359
x-cache: Hit from cloudfront
x-ac: 2.hhn _atomic_ams
access-control-allow-origin: *
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: W/"5cdd27a6-d078"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/font-ttf
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: i_IsbReHAjDJCbByWHa-phC8Gz-Y6Oi3-G8q0iX9kBs34w4uoM0BTQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
fonts.gstatic.com/s/nunitosans/v11/ 17 KB
18 KB 78ms
28ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e69042895b3225968f6d0beb976632ef82fd4c8ef0bd04c6a576cb94b0e22b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:38:15 GMT
x-content-type-options: nosniff
age: 599813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17712
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 19:38:15 GMT

GET
H2 200 themify.woff
www.blog.esper.io/wp-content/themes/gillion/fonts/ 55 KB
55 KB 96ms
46ms Font
application/font-woff 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/themes/gillion/fonts/themify.woff?-fvbane

Requested by

Host: www.blog.esper.io
URL: https://www.blog.esper.io/wp-content/themes/gillion/css/plugins.css?ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.blog.esper.io/wp-content/themes/gillion/css/plugins.css?ver=5.9.3
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:39:03 GMT
x-ac: 2.hhn _atomic_ams
age: 4185365
x-cache: Hit from cloudfront
content-length: 56108
access-control-allow-origin: *
last-modified: Thu, 16 May 2019 09:04:38 GMT
server: nginx
etag: "5cdd27a6-db2c"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: ACZXLsbnujbWQ41hNaDqo89iMgV5DiuKgtgWW1FncUhPhhhW3tDF7g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4GwZuY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v11/ 17 KB
18 KB 105ms
56ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe01MImSLYBIv1o4X1M8cce4GwZuY1MIUg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3e535950465fddbb74df738e49f557e7522d057753d277a6dbd3ad916d068a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 00:23:41 GMT
x-content-type-options: nosniff
age: 582687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17804
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Apr 2023 00:23:41 GMT

GET
H2 200 pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v11/ 17 KB
17 KB 108ms
59ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31abac5689030f291b87b9a4bd8de3d206202881de982b075c16391d31cbe5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 00:15:57 GMT
x-content-type-options: nosniff
age: 583151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17704
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Apr 2023 00:15:57 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v11/ 16 KB
17 KB 53ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983e357f89b271ec5b55552dd277c48b7891344bfaf230b5b3126fb0a55c1d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:38:11 GMT
x-content-type-options: nosniff
age: 599817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16796
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 19:38:11 GMT

GET
H2 200 hotjar-1475076.js Show response
static.hotjar.com/c/ 4 KB
2 KB 105ms
53ms Script
application/javascript 13.32.121.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1475076.js?sv=6

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-54.fra60.r.cloudfront.net

Software

Resource Hash

5cc32b5d6f4f167c7feb5e51dfd69530837a6761054acae3a4f9e0285f491443

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA60-P1
etag: W/c9b29c5bb8dc8c267d6ac08b9de42fd8
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1906
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-id: bTEY-U49ezGgAaouDFbwDfNpA8FmmRwpn7J9D0g8y93KWD7Wh_3peg==

GET
H/1.1 200
OK count.js Show response
blog-esper-io.disqus.com/ 1 KB
2 KB 69ms
23ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blog-esper-io.disqus.com/count.js

Requested by

Host: www.blog.esper.io
URL: https://www.blog.esper.io/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:15:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 104
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 02 May 2022 21:24:36 GMT
Server: nginx
ETag: "62704c14-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 6AM9EtGksbzM5fkM7lwPamc0GcRIX_k6r1fBV82ZDfQPEw-zjkXl6Q==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5053
date: Wed, 04 May 2022 16:50:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 04 May 2022 18:50:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 29ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9-beta2&blog=162263706&post=8296&tz=-7&srv=blog.esper.io&hp=atomic&ac=2&amp=0&host=blog.esper.io&ref=&fcp=0&rand=0.3495073301466427
Requested by: Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 04 May 2022 18:15:08 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 fontawesome-webfont.woff2
www.blog.esper.io/wp-content/plugins/unyson/framework/static/libs/font-awesome/fonts/ 75 KB
76 KB 27ms
27ms Font
application/font-woff2 2600:9000:2057:8000:12:7b21:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blog.esper.io/wp-content/plugins/unyson/framework/static/libs/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.blog.esper.io
URL: https://www.blog.esper.io/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:12:7b21:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.blog.esper.io/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.26
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:33:54 GMT
x-ac: 2.hhn _atomic_ams
age: 628874
x-cache: Hit from cloudfront
content-length: 77160
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 20:23:01 GMT
server: nginx
etag: "62100025-12d68"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: ASmdOHcvc1Ew1vn2fjhZ9PrmsFadGvx4VYyOsB9369PR2-M9RUq3ig==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Android-phone-next-to-malware-logo.jpg
i0.wp.com/www.blog.esper.io/wp-content/uploads/2022/05/ 25 KB
25 KB 68ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.blog.esper.io/wp-content/uploads/2022/05/Android-phone-next-to-malware-logo.jpg?resize=1200%2C675&ssl=1

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

966a12f1da718934de5c9ac794f9e50ba7afb8bad70baefe10f224b6ada32467

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 04 May 2022 18:15:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 May 2022 17:17:54 GMT
server: nginx
etag: "599c4cb880a6116e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.blog.esper.io/wp-content/uploads/2022/05/Android-phone-next-to-malware-logo.jpg>; rel="canonical"
content-length: 25098
expires: Fri, 03 May 2024 05:17:54 GMT

GET
H2 200 6331d2892704816b6491ffbbbdc9c9fb
secure.gravatar.com/avatar/ 2 KB
2 KB 65ms
19ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/6331d2892704816b6491ffbbbdc9c9fb?s=28&d=identicon&r=g
Requested by: Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d26c345134b24756449058343709a442b9b9f13541e445b7db72dbd9c0041747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 04 May 2022 18:15:08 GMT
last-modified: Fri, 22 Oct 2021 17:34:39 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6331d2892704816b6491ffbbbdc9c9fb.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/6331d2892704816b6491ffbbbdc9c9fb?s=28&d=identicon&r=g>; rel="canonical"
content-length: 1835
expires: Wed, 04 May 2022 18:20:08 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1821218795&utmhn=blog.esper.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Androi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795&slf_rd=1&random=3470263845

42 B
501 B

111ms
61ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795&slf_rd=1&random=3470263845

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:15:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 May 2022 18:15:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141392027-1&cid=647336019.1651688108&jid=1262863227&_v=5.7.2&z=1821218795&slf_rd=1&random=3470263845
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.d0a2aeb118e239528093.js Show response
script.hotjar.com/ 238 KB
62 KB 96ms
31ms Script
application/javascript 108.157.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0a2aeb118e239528093.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1475076.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-45.dus51.r.cloudfront.net

Software

Resource Hash

30487167d145a79b345ad5f6d8bac69224575af83c11a45ccc1e1da5725a73e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 08:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34802
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63366
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 08:34:55 GMT
etag: "a7a180207593a609a9773fd8d037bf4f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: F52KF7_mQbX2onOTUvMuPL97DRaPWnb9I3ChfiYiyTpjGa5nc5ax8A==

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 127ms
36ms Other
text/css 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3797334
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: wmDRBkh6a2DngQc26uz389p3HdRjvaWdoiTBCtjMVWasPrHXeQT-lw==
x-cache-hits: 0

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ 0
93 KB 155ms
64ms Other
application/javascript 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287841
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: 6YxLGDwtt2AUGNCFy2De2ebPlCRYI591UBdZlUfdWdHtY9uJIXmyiA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.d295adc9f72a1145cb03cc5bc681e21c.js
c.disquscdn.com/next/embed/ 0
121 KB 188ms
98ms Other
application/javascript 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.d295adc9f72a1145cb03cc5bc681e21c.js

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 19:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033275
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123217
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Apr 2022 18:32:47 GMT
server: nginx
etag: "6262f4cf-1e151"
content-type: application/javascript; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Sat, 22 Apr 2023 19:13:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: xz7bPZ64xWgQFDtitx7KT-Re4BB18m1rAxDSImueNGoqbiF2c6pouQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 85ms
28ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:15:08 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 54
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15014
X-XSS-Protection: 1; mode=block

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 8F76 2 KB
1 KB 96ms
22ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1475076.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-117.fra60.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer: https://blog.esper.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15307789
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 14:05:19 GMT
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
vary: Accept-Encoding
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-id: f8Tpn0b_OWSHDDVWF1Gvgq2hpL7VIxCySjDY4oYy10Dj2BjQBTW66w==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame F84D 7 KB
4 KB 121ms
120ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

880992727539df6b86a03dd4ddcf456a9732a3cd03cb01668730492d1bd97079

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.esper.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 28
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2802
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 04 May 2022 18:15:08 GMT
ETag: W/"lounge:view:9152445761.ce95fe6ba1cfa298967f2f923cefff20.2"
Last-Modified: Tue, 03 May 2022 17:15:16 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 87ms
31ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5868902.js?integration=WordPress&ver=8.11.11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
via: 1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 275
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.278/bundles/pixels-release.js&cfRay=7063319d7b559229-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 26 Apr 2022 04:18:52 UTC
server: cloudflare
etag: W/"e23a3c7ef0fc6b7c55f83c4911c95be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: sUKtDc7b2iEDZ57z7v16VeKnAVF7O_.0
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 70633856ce269208-FRA
x-amz-cf-id: NYGT8lE6UE0xQJjcSX9GGBSTV0oAEfDYrg667Fn-k5qnqLuNqyyVJg==
x-hs-target-asset: adsscriptloaderstatic/static-1.278/bundles/pixels-release.js

GET
H2 200 5868902.js Show response
js.hs-banner.com/ 61 KB
16 KB 489ms
437ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5868902.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5868902.js?integration=WordPress&ver=8.11.11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd991c27333efd3d03967ada74c1d106709e5ad3a3d26cdef51d03a8abe085f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: C3QDKY44BXNKPHBZ
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: ZW36TVznvJnIsDagYs0lDfVZnhi5Z5aS0wOjHjnaeBCzBdccwkOHelHY80e0TuPGZ7+iNYvp3fM=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 21:30:21 GMT
server: cloudflare
etag: W/"eaa70cf3fc5fce51c3f12ea8f1cb3422"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: tx1R88dnTiMCBtSGH7JYNtkE.iNuKCzN
access-control-allow-origin: https://blog.esper.io
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 70633856bf6f9944-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 04 May 2022 18:20:08 GMT

GET
H2 200 5868902.js Show response
js.hs-analytics.net/analytics/1651688100000/ 62 KB
20 KB 229ms
171ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1651688100000/5868902.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5868902.js?integration=WordPress&ver=8.11.11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e54871675a925972d438b043182542011ac2fc8bdf728950670109da5376163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: KDTWBKFXWXGQNS2B
x-amz-server-side-encryption: AES256
cf-ray: 70633856ceb968fb-FRA
x-amz-id-2: R0f1zFCVfPznr3j8D7Rli/kk+ARRjEwGUTLR85WX36hp+AbR1CwvwMmPtznpaLIii4YdHttUg0o=
last-modified: Thu, 14 Apr 2022 15:28:42 GMT
server: cloudflare
etag: W/"34a8934d9cf201a738b56591aa566bc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 04 May 2022 18:20:08 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 90ms
36ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5868902.js?integration=WordPress&ver=8.11.11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer: https://blog.esper.io/
Origin: https://blog.esper.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
via: 1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 800
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=706324cc8daa9107-EWR
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 70633856cbfd9b7a-FRA
last-modified: Fri, 04 Mar 2022 03:24:42 UTC
server: cloudflare
etag: W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qFFitUVLR0bGGyUOxt2qPA3Gc4XopQaadDzDOQzLqguhZeNr7iGwXw==
x-hs-target-asset: collected-forms-embed-js/static-1.273/bundles/project.js

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1475076/ 147 B
322 B 155ms
49ms XHR
application/json 34.247.147.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1475076/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0a2aeb118e239528093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.147.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-147-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8

Request headers

Referer: https://blog.esper.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1475076 Show response
vc.hotjar.io/sessions/ 0
256 B 138ms
61ms XHR
text/plain 18.66.192.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1475076?s=0.25&r=0.035669154467412145
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0a2aeb118e239528093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-48.muc50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: jOQ_TZQ5tj8MwrLL8zzD83qFphKGyuqj7aeaxgHdSwH08no8JKHawA==

GET
H2 200 lounge.load.48980166e0153f33375a5a0d60b5e441.js Show response
c.disquscdn.com/next/embed/ Frame F84D 958 B
1 KB 92ms
30ms Script
application/javascript 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.48980166e0153f33375a5a0d60b5e441.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec934eecf474af1cbf210cb0b23f14f407f7d6960eb2bd25bee29e4038cd5e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 19:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033275
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 493
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Apr 2022 18:32:47 GMT
server: nginx
etag: "6262f4cf-1ed"
content-type: application/javascript; charset=utf-8
via: 1.1 4257eeab27601f991562127463de27ee.cloudfront.net (CloudFront)
expires: Sat, 22 Apr 2023 19:13:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: e_43b9uJ9YE4Rb3tTuqVTtvSRCLgIRKJMJuJpYIO-4qEq6ZEqSBeQQ==
x-cache-hits: 0

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 199ms
137ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5868902&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de2186b8a48f7ef73dd6fc4b3cf6dfdf63d15832aa9533489c8c1ce48df8ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://blog.esper.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e28d6097-c3e2-49c0-b3e0-876c0580f36f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCG1zdDORnUqbPaTtIFr9Iw%2BbqllZlwyzuxbc4iFajUHfl0LhilhWf%2BdRuHSN578r8jbZgOTz%2BGBUI2IM%2Bbcw8ioaIr4wW6J7ymsSkpF9%2Bi3kpcxPGexRiaw8mX01U2k2nEfZr1hYYZmnFJHBLQv"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.esper.io
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 7063385789c6903a-FRA
access-control-allow-headers: *

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js Show response
c.disquscdn.com/next/embed/ Frame F84D 282 KB
93 KB 33ms
33ms Script
application/javascript 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.48980166e0153f33375a5a0d60b5e441.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287841
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: stI24QkdMlA3m_ro5Wi8l82Gm8rh97F2Om1xVSCv73coZOzURxOMaA==
x-cache-hits: 0

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame F84D 165 KB
26 KB 33ms
33ms Stylesheet
text/css 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3797334
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: Rza974DO-oc_h2JpZglpwVqSbh76wXZeco8WpqUlaZ-0QTyr5vPc6g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.d295adc9f72a1145cb03cc5bc681e21c.js Show response
c.disquscdn.com/next/embed/ Frame F84D 476 KB
121 KB 33ms
33ms Script
application/javascript 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.d295adc9f72a1145cb03cc5bc681e21c.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7e49288cded16fd39b68f9a4c511e863ea5d03bef945cbc84ca5c1a8544664a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 19:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033275
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123217
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Apr 2022 18:32:47 GMT
server: nginx
etag: "6262f4cf-1e151"
content-type: application/javascript; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Sat, 22 Apr 2023 19:13:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: qQ5cCbH0Pk6mvDGbz43RfUaM5gZe9zHbxpSV1h8LVFC4ab5wB6yQLg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame F84D 15 KB
15 KB 22ms
21ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9ae8fa2561b9686ad863d2eb0aa5832be309875cad56ac19dc04f9f075dbca1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:15:08 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 54
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15014
X-XSS-Protection: 1; mode=block

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
472 B 192ms
169ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=5

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 02806066-9744-42e0-b514-65123f3ac707
cf-ray: 706338589b2f5c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2B52D22DE3B820D2F6BB4D22875296EEDD2B6EC637000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame F84D 3 KB
3 KB 128ms
128ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=blog-esper-io&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2141e21f77e9b0fa8368588838c53e8c7166d96285de746de063a298babec5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:15:09 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3056
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1647409581/images/ Frame F84D 2 KB
2 KB 165ms
22ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1647409581/images/noavatar92.png

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 511406
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
content-length: 1644
x-amz-cf-id: dD--S8btDyn4ws21rumbASG_QJ0iEfOPOsmmNYWFPiPtNzDjcl3H5A==
expires: Thu, 28 Apr 2022 20:11:43 GMT

GET
DATA 200
OK truncated
/ Frame F84D 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F84D 13 KB
13 KB 32ms
32ms Image
image/svg+xml 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 14:37:41 GMT
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 531447
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 26 Apr 2022 19:12:12 GMT
server: nginx
etag: "6268440c-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Fri, 28 Apr 2023 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: UNY4bfCtk6rm4vLPZI7Z4nXDI87sDMkAbRriWWtMwEr9YMp7JPDgMQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame F84D 3 KB
3 KB 30ms
30ms Image
image/gif 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:58:07 GMT
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7823822
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Jan 2022 21:59:15 GMT
server: nginx
etag: "61f1c433-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Fri, 03 Feb 2023 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rjSfAzXUfK5KfD9LhGJXLpxg7KOLWseIORs7-MU9Oc0xG6ML1l9HIw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame F84D 2 KB
2 KB 30ms
30ms Image
image/png 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19348041
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: iBrAIQdsa2_l3oINbPdHJ1wwnz5838jFmT11H6UYZbPJM_p_de9DTA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame F84D 8 KB
8 KB 33ms
33ms Font
application/octet-stream 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 4257eeab27601f991562127463de27ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 21197811
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZDFKF6vyapxEkoHoaA5bKCEMnqu1ObmlBKkgm8CVGLhx3JmnuDCjCw==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 0A3C 337 B
839 B 30ms
30ms Stylesheet
text/css 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014746
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Apr 2022 18:32:47 GMT
server: nginx
etag: "6262f4cf-f4"
content-type: text/css; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Sun, 23 Apr 2023 00:22:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: Wnr1uyhjETF7fDS4nQO32R2YH-5Bf1aAoM-5zY9hK4lTkd0yZHvmDQ==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 09AD 337 B
838 B 30ms
30ms Stylesheet
text/css 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: blog-esper-io.disqus.com
URL: https://blog-esper-io.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014746
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Apr 2022 18:32:47 GMT
server: nginx
etag: "6262f4cf-f4"
content-type: text/css; charset=utf-8
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
expires: Sun, 23 Apr 2023 00:22:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: 0KJV0ues_bCmR1R76p1gXLNRhMtd7vpLpeXjvU8k_4ZC90_cX0ApZg==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame F84D 43 B
339 B 158ms
113ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=192&event=init_embed&thread=9152445761&forum=blog-esper-io&forum_id=7296733&imp=1gs468f38j0ncs&thread_slug=android_138217s_new_sideloading_restriction_makes_it_harder_for_malware_to_abuse_accessibility_apis&user_type=anon&referrer=https%3A%2F%2Fblog.esper.io%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: blog.esper.io
URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=blog-esper-io&t_i=8296%20https%3A%2F%2Fblog.esper.io%2F%3Fp%3D8296&t_u=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t_e=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&t_d=%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09Android%2013%E2%80%99s%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs%09%09%09%09%09%09%09%09%09%09%09%09&t_t=Android%2013%26%238217%3Bs%20new%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:15:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F84D 13 KB
13 KB 32ms
32ms Image
image/svg+xml 2600:9000:225f:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 14:37:41 GMT
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 531448
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 26 Apr 2022 19:12:12 GMT
server: nginx
etag: "6268440c-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Fri, 28 Apr 2023 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: f0NLa00X0SIvtmvmKjiG6osNrPdT1gAlO3Pyj-0UUOK-uzGpsvHC6g==
x-cache-hits: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
961 B 196ms
141ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=8f08dcc1-7522-4b9c-bcf0-51ed75c55cf3&fci=28b77a09-3245-49c3-9912-0abae48f0ec8&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=5868902&rcu=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&pu=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t=Android+13%27s+sideloading+restriction+makes+it+harder+for+malware+to+abuse+Accessibility+APIs&cts=1651688109112&vi=5bb3a188aa2848814babfbf503d779a5&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 944a922a-b3da-4ea8-a1a7-702ad82491f3
cf-ray: 7063385a6b955b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B4dXJDsE0Hm63nk7OyiDf5nLSWVK4yvdURoe4D2uZDqAs4cuDDtTjBTmKlhLcj8LBhLW%2BcgQ2lGiI1LT4osxK6peHkwD6UCjtWHGWlxIdV0oWU%2FCo6QF0PA%2BSaj6dFILuIY0xnwKs7KRnsM5clV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
549 B 213ms
158ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=8f08dcc1-7522-4b9c-bcf0-51ed75c55cf3&fci=28b77a09-3245-49c3-9912-0abae48f0ec8&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=5868902&rcu=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&pu=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t=Android+13%27s+sideloading+restriction+makes+it+harder+for+malware+to+abuse+Accessibility+APIs&cts=1651688109115&vi=5bb3a188aa2848814babfbf503d779a5&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ce8c23b7-e83d-43a2-95cf-f0a47fa4f446
cf-ray: 7063385a6b995b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY6WgejpJ3jp3hcbdz1K1Qu3jiSuKHtXZrDCEadj7m2mwEHdWlpbB5Z5aPSmaw0168lttBxGyRQEn3usEgKTuIoAZdrfAS6ckxgt%2F3bkgGxDoJR99ZF6oWmSGAGdCY3bj5K8iF3XcLjd8sLfeml8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
558 B 205ms
149ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=5868902&rcu=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&pu=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&t=Android+13%27s+sideloading+restriction+makes+it+harder+for+malware+to+abuse+Accessibility+APIs&cts=1651688109116&vi=5bb3a188aa2848814babfbf503d779a5&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b89f4971-adf8-48a3-b74f-e86d45e251c9
cf-ray: 7063385a6b9a5b68-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o%2FnpZbJUPRxNO95vWZB1uOxnEqronNwY%2Blk3linxqeR7E%2B2ZA4%2BYnRjyUntcoxpXwTmtSgGLecGt1riTMic7k9vak0IoORcymn2Bo7eo3fwglqzimGTKhWCPqrdp84dPjemEuqK0RrtcrcgDB%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
906 B 459ms
413ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5868902

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30808d0f2e2570c68e9c821e5fed4cc6122a6f32027be1c645295c8e53c74570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 593611aa-e5b9-484a-95bd-3b457efa6a03
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BA7579FC26C1D5D8A71699EB8296010B2E8DF4921000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAsL9vaOWY%2FvZPW1hiMHpBf%2FcR%2BJkbjDVbT5EuhA%2B2sYtYkgOAj%2FMMpmDDi9LGcj0RSm%2FJkuEq2LbIIFoL4unlKb5r4f2F%2BmIBqMza6ZA0PIygJT02Z1f7LhtHTETzeBI0TW9JckNP26CEAB"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.esper.io
access-control-allow-credentials: false
cf-ray: 7063385a5d059b7a-FRA
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 150 KB
56 KB 82ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-771076180

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2491290495fc4bbbcffd483e5386d55cf5d77806dbc6eb14aaa848cf9600362e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57315
x-xss-protection: 0
last-modified: Wed, 04 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 May 2022 18:15:09 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 98ms
33ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-771076180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 May 2022 18:15:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/771076180/ 3 KB
2 KB 80ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/771076180/?random=1651688109819&cv=9&fst=1651688109819&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&tiba=Android%2013%27s%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1d86246995c2ff88b179c98eed35a966cbb28e340413990892182ed0428b4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/771076180/ 42 B
64 B 80ms
35ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/771076180/?random=1651688109819&cv=9&fst=1651687200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&tiba=Android%2013%27s%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&async=1&fmt=3&is_vtc=1&random=2106436252&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/771076180/ 42 B
64 B 76ms
34ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/771076180/?random=1651688109819&cv=9&fst=1651687200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa520&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.esper.io%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&tiba=Android%2013%27s%20sideloading%20restriction%20makes%20it%20harder%20for%20malware%20to%20abuse%20Accessibility%20APIs&async=1&fmt=3&is_vtc=1&random=2106436252&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 boom.gif
pixel.wp.com/ 0
37 B 20ms
20ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.012&largest_contentful_paint=2375&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=blog.esper.io&url_path=%2Fandroid-13-sideloading-restriction-harder-malware-abuse-accessibility-apis%2F&nt_fetchStart=1&nt_domainLookupStart=2&nt_domainLookupEnd=61&nt_connectStart=61&nt_connectEnd=172&nt_secureConnectionStart=80&nt_requestStart=172&nt_responseStart=1515&nt_responseEnd=1535&nt_domLoading=1518&nt_domInteractive=2161&nt_domContentLoadedEventStart=2162&nt_domContentLoadedEventEnd=2164&nt_domComplete=3096&nt_loadEventStart=3096&nt_loadEventEnd=3112&nt_redirectCount=0&nt_api_level=2&start_render=2038&first_contentful_paint=2140&resource_size=203454&resource_transferred=72255&js_size=126933&js_transferred=45514&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.esper.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 04 May 2022 18:15:12 GMT
cache-control: no-cache
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=FontAwesome%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.esper.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3ed4709f405998fd77d80216fc901fb8
.blog.esper.io/	1970-01-20 20:19:20	Name: __utma Value: 198968316.647336019.1651688108.1651688108.1651688108.1
.blog.esper.io/	1969-12-31 23:59:59	Name: __utmc Value: 198968316
.blog.esper.io/	1970-01-20 07:10:56	Name: __utmz Value: 198968316.1651688108.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.blog.esper.io/	1970-01-20 02:48:08	Name: __utmt Value: 1
.blog.esper.io/	1970-01-20 02:48:09	Name: __utmb Value: 198968316.1.10.1651688108
.esper.io/	1970-01-20 11:33:44	Name: _hjSessionUser_1475076 Value: eyJpZCI6IjZkMTBiNjMwLWM0YmUtNTQ3My1hNjFjLTNiZTQzZTFhNmM3YSIsImNyZWF0ZWQiOjE2NTE2ODgxMDg1MTQsImV4aXN0aW5nIjpmYWxzZX0=
.esper.io/	1970-01-20 02:48:09	Name: _hjFirstSeen Value: 1
blog.esper.io/	1970-01-20 02:48:08	Name: _hjIncludedInSessionSample Value: 1
.esper.io/	1970-01-20 02:48:09	Name: _hjSession_1475076 Value: eyJpZCI6IjQyOGUyMDk1LTJkNzMtNDVlZS1iZWJkLTcwY2QwYjkxOTkyYSIsImNyZWF0ZWQiOjE2NTE2ODgxMDg1NDEsImluU2FtcGxlIjp0cnVlfQ==
blog.esper.io/	1970-01-20 02:48:08	Name: _hjIncludedInPageviewSample Value: 1
.esper.io/	1970-01-20 02:48:09	Name: _hjAbsoluteSessionInProgress Value: 1
.esper.io/	1970-01-20 07:07:20	Name: __hstc Value: 221464647.5bb3a188aa2848814babfbf503d779a5.1651688109109.1651688109109.1651688109109.1
.esper.io/	1970-01-20 07:07:20	Name: hubspotutk Value: 5bb3a188aa2848814babfbf503d779a5
.esper.io/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.esper.io/	1970-01-20 02:48:09	Name: __hssc Value: 221464647.1.1651688109110
.hubspot.com/	1970-01-20 02:48:09	Name: __cf_bm Value: 4VHIYZ3fM.mL8WakSaticMvxWW5bKANNn_2L0xM2LNw-1651688109-0-AYHipsO1Nk8gltTWxspTH8/JrG0NThr7p+vPVcANTvi6oESGlGe6gOm6sZrUCqkMLn2e0ItsR7Mte1fJlZEJuQ8=
.esper.io/	1970-01-20 04:57:44	Name: _gcl_au Value: 1.1.511097434.1651688110
.doubleclick.net/	1970-01-20 02:48:09	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/ Message: Access to CSS stylesheet at 'https://fonts.googleapis.com/css?family=FontAwesome%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3' from origin 'https://blog.esper.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.googleapis.com/css?family=FontAwesome%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic&ver=5.9.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://esper.okta.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
api.hubapi.com
blog-esper-io.disqus.com
blog.esper.io
c.disquscdn.com
c0.wp.com
disqus.com
esper.okta.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
global.oktacdn.com
googleads.g.doubleclick.net
i0.wp.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
pixel.wp.com
referrer.disqus.com
s0.wp.com
script.hotjar.com
secure.gravatar.com
ssl.google-analytics.com
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
track.hubspot.com
vars.hotjar.com
vc.hotjar.io
www.blog.esper.io
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
fonts.googleapis.com
108.157.4.45
108.157.4.83
13.32.121.54
142.250.185.66
151.101.64.134
18.66.139.117
18.66.192.48
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
192.0.78.137
199.232.192.134
199.232.194.49
199.232.196.134
2600:9000:2057:8000:12:7b21:2540:93a1
2600:9000:225f:dc00:6:8656:f5c0:93a1
2606:4700:4400::ac40:9a55
2606:4700::6810:5505
2606:4700::6811:47b0
2606:4700::6811:73b0
2606:4700::6811:83ab
2606:4700::6811:ba49
2606:4700::6811:c9cc
2606:4700::6811:d3cc
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:810::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
2a04:fa87:fffe::c000:4902
34.247.147.99
35.81.67.28
005862b71091d0daf9e4d0427064e0532c0492791310d4f7afc3fca7126c62fd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
0be397c5050211db63a3f5b8f412e3eb75bf4e9836729c92f419dbb3843d5231
0d17fc85d22eb1f6c056ea79c018062eda0f312350c68c836364dc082b9a06bc
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0de2186b8a48f7ef73dd6fc4b3cf6dfdf63d15832aa9533489c8c1ce48df8ac6
0e54871675a925972d438b043182542011ac2fc8bdf728950670109da5376163
11330a3a18608bcf177f27e819530627b39a8fc6b2d08733c16c6a4717e382f6
1201a7ade8b583fd9855901caec83fb98deae7c63cb5422c710eb89c371a53e7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229
2141e21f77e9b0fa8368588838c53e8c7166d96285de746de063a298babec5dd
21bfa39adac6fd7a27bc8a5b1a8acfab229af1da017a5be1e20ab42d5144feea
2491290495fc4bbbcffd483e5386d55cf5d77806dbc6eb14aaa848cf9600362e
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
30487167d145a79b345ad5f6d8bac69224575af83c11a45ccc1e1da5725a73e9
30808d0f2e2570c68e9c821e5fed4cc6122a6f32027be1c645295c8e53c74570
31abac5689030f291b87b9a4bd8de3d206202881de982b075c16391d31cbe5a7
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
43ca8e2979ec99dec4c67ac8dffd3c4f696c7b665b038a0d37b54cd354ada4b5
45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
5228615fc416ae4512d7a501cebc538e2bc8f498260ef5e22c489e8ae3e036da
56d1d9c225937fdd1f4ce3584a05346febf1e5321777bfab6b281c44c5db5e10
575c326ff6431fe44f94cb7f0ceee19d4592c6e09e0a14a3fd6508b46d82fa49
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5cc32b5d6f4f167c7feb5e51dfd69530837a6761054acae3a4f9e0285f491443
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5f31e39892dac40a8991c60792ac59d7e53424bcd471606b6808359ccaed2d59
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
666cb5b84a7781730c4ca054dabbdc55d1657c72cc950ba074c36a187d6b8a15
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6e00dd9941d4194ca76d49548d81c02b55984c571590e91ac27e8420ac3fe3
723a65a87d784184c987d808633b0371b282c5857081634e016158a6cadda2f1
7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265
72fd337686c399b982d31c82d9f5a599eb9b8981bfa3e85a18f5575f6e800d25
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e49288cded16fd39b68f9a4c511e863ea5d03bef945cbc84ca5c1a8544664a5
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
840a78b0d620229e5e63b7e26068ff3ecd7f314f1972534f6641bc2fc6168846
86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
880992727539df6b86a03dd4ddcf456a9732a3cd03cb01668730492d1bd97079
89a4dc985f4858672e2e9433d0449a7c2ae4f9162542f6afb9dae7099755cf7d
8bca515ba642c6c9c88eacc51f46a408534acd5fd6592970929503bd59d779bf
937e59152189ecedb8688efcd8b927fc40d43b5c5225a05a25f4cf537ad8ca7c
966a12f1da718934de5c9ac794f9e50ba7afb8bad70baefe10f224b6ada32467
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
983e357f89b271ec5b55552dd277c48b7891344bfaf230b5b3126fb0a55c1d69
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9ae8fa2561b9686ad863d2eb0aa5832be309875cad56ac19dc04f9f075dbca1e
9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1e35120a572decb1f41f4768564115b3758f96aeedb71fd12ce7d3ff9c0e90f
a25035bb51e52305be96d7192d2df96d899fed862cfd4e5fdf661ed68d9c9827
a3947dfc0490d874261b07b9eb9e85355067292c1d2be1915d42e51b378bd9ee
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b85ee094553ce0149f659a0218a9085df755924b32ca35ee5f42245ab0cd8b8f
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd2627a04f12a741911cd403cc8b1386a3a57bd760d3808f81c32df1c1d994e5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd991c27333efd3d03967ada74c1d106709e5ad3a3d26cdef51d03a8abe085f3
c1d86246995c2ff88b179c98eed35a966cbb28e340413990892182ed0428b4b7
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3e535950465fddbb74df738e49f557e7522d057753d277a6dbd3ad916d068a5
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
cb5ce5ab5fa8ab82b7843775ab28759197a458286106c541683faf704774bdf7
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26c345134b24756449058343709a442b9b9f13541e445b7db72dbd9c0041747
d28401c309de2ee15d69288f6d8a89bba4a5491d094aca5822a2e7033d5b40a7
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2a9f98f31d7d2b081b530550195397698154d8fd67f37b8077eba05c0c4bb64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5166861862f7dca0bae810d00a45407760215b70b90696b74b485e27938948d
e69042895b3225968f6d0beb976632ef82fd4c8ef0bd04c6a576cb94b0e22b11
ec934eecf474af1cbf210cb0b23f14f407f7d6960eb2bd25bee29e4038cd5e08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f685b176dc02f6e359f89e1d2d96d4f8b3be0585f09051afff2e598c4cd09296

blog.esper.io Open in urlscan Pro 192.0.78.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

55 %IPv6

26 Domains

39 Subdomains

38 IPs

4 Countries

2094 kBTransfer

6094 kBSize

19 Cookies

37 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.esper.io Open in urlscan Pro
192.0.78.137 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

55 %
IPv6

26
Domains

39
Subdomains

38
IPs

4
Countries

2094 kB
Transfer

6094 kB
Size

19
Cookies

106 HTTP transactions
2 data transactions