securityintelligence.com Open in urlscan Pro
2606:4700:30::681b:9b90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Submission: On October 14 via api (October 14th 2019, 4:00:10 pm UTC) from CH

Summary HTTP 75 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 75 HTTP transactions. The main IP is 2606:4700:30::681b:9b90, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is securityintelligence.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 20th 2019. Valid for: a year.

This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 51	2606:4700:30:... 2606:4700:30::681b:9b90	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
17	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:eb:... 2a02:26f0:eb:1a3::b3a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
75	7

51 2606:4700:30::681b:9b90 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

securityintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:1a3::b3a (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

1.www.s81c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	securityintelligence.com 1 redirects securityintelligence.com	698 KB
17	ampproject.org cdn.ampproject.org	275 KB
4	gstatic.com fonts.gstatic.com	53 KB
1	tiqcdn.com tags.tiqcdn.com	1 KB
1	s81c.com 1.www.s81c.com	61 KB
1	googleapis.com fonts.googleapis.com	850 B
75	6

	Domain	Requested by
51	securityintelligence.com	1 redirects securityintelligence.com cdn.ampproject.org
17	cdn.ampproject.org	securityintelligence.com cdn.ampproject.org
4	fonts.gstatic.com	cdn.ampproject.org
1	tags.tiqcdn.com	1.www.s81c.com
1	1.www.s81c.com	securityintelligence.com
1	fonts.googleapis.com	securityintelligence.com
75	6

This site contains links to these domains. Also see Links.

Domain
www.istockphoto.com
www.ibm.com
www.riskiq.com
github.com
www.owasp.org
www.twitter.com
www.linkedin.com
facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-02-20` - `2020-02-20`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
www.ibm.com GeoTrust RSA CA 2018	`2019-06-11` - `2020-04-20`	10 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Frame ID: 7B845FE7ABB1DF741447B1B8E49C7261
Requests: 78 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers HTTP 301
https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

75
Requests

99 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

1088 kB
Transfer

2045 kB
Size

1
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.istockphoto.com/photo/network-hub-and-cable-gm170227872-23215182
Title: iStock

Search URL Search Domain Scan URL

URL: https://www.ibm.com/security/services/ibm-x-force-incident-response-and-intelligence
Title: IBM X-Force Incident Response and Intelligence Services (IRIS)

Search URL Search Domain Scan URL

URL: https://www.riskiq.com/blog/labs/magecart-ticketmaster-breach/
Title: Previous research

Search URL Search Domain Scan URL

URL: https://github.com/gwillem/magevulndb
Title: extension blacklists

Search URL Search Domain Scan URL

URL: https://github.com/paragonie/csp-builder
Title: free tool

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Content_Security_Policy
Title: OWASP’s Top 10 list

Search URL Search Domain Scan URL

URL: https://www.ibm.com/account/reg/us-en/signup?formid=urx-40840
Title: Download the research to learn more about MG5

Search URL Search Domain Scan URL

URL: https://www.twitter.com/ibmsecurity
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ibm-security
Title:

Search URL Search Domain Scan URL

URL: https://facebook.com/ibmsecurity
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/IBMSecurity
Title:

Search URL Search Domain Scan URL

URL: http://www.ibm.com/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: © 2019 IBM

Search URL Search Domain Scan URL

URL: https://www.ibm.com/contact/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.ibm.com/privacy/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.ibm.com/legal/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US&cm_mc_uid=03001744655915532865554&cm_mc_sid_50200000=84159441565120380187
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.ibm.com/accessibility/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.ibm.com/security?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Sponsored by .cls-1{fill:#fff;}si-icon-eightbarfeature

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers HTTP 301
https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Redirect Chain

https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers
https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

125 KB
21 KB

732ms
732ms

Document
text/html

2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: cccb0620c9dd317ffdf8083efcd56306e3d01f02ee150eb64c55d6cce2e56c4d

Request headers

:method: GET
:authority: securityintelligence.com
:scheme: https
:path: /posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: __cfduid=d53ced311cd37217c73841c8346bfffd31571068788
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Mon, 14 Oct 2019 15:59:50 GMT
content-type: text/html; charset=UTF-8
link: <https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/?p=406068>; rel=shortlink
expires: Mon, 14 Oct 2019 15:47:47 GMT
pragma: public
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
x-powered-by: W3 Total Cache/0.10.1
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2019 15:46:47 GMT
referrer-policy: same-origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 525ac33f7db0cbb0-VIE
content-encoding: br

Redirect headers

status: 301
date: Mon, 14 Oct 2019 15:59:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d53ced311cd37217c73841c8346bfffd31571068788; expires=Tue, 13-Oct-20 15:59:48 GMT; path=/; domain=.securityintelligence.com; HttpOnly; Secure
expires: Mon, 14 Oct 2019 15:47:46 GMT
pragma: public
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
x-powered-by: W3 Total Cache/0.10.1
vary: Accept-Encoding
location: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
last-modified: Mon, 14 Oct 2019 15:46:46 GMT
referrer-policy: same-origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 525ac33a5d35cbb0-VIE

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 259 KB
71 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca215e734899c7be6083e5659a03cf176227ddbda5eb37e47e0de2123ff68044

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "30cf5e8c6c5efdb3"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 72182
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-youtube-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
10 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a37fcf7c9613fa14cc4ba2116c83499c5f3ec90365eb5b50c61d8c7a559540ae

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "9a2987b7c728bfe0"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9505
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 27 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f23438883542eaa115f56848c583c4354cd98ae526d571d92045cc74b4e38124

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "377fbf14fb0618c9"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 21 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dd8b89ee76a7160e22fc68d70cd156fde5dbaa6da5bb7b28dbb9d51222a0c92d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c1e1949de5ea64c1"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7876
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 15 KB
5 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce5498631a1dc4fbdf8b825a5e7a9d408a4cda27bf2589006ba61aa8b58006b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "bf064eaf29b639b2"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5519
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-list-0.1.js Show response
cdn.ampproject.org/v0/ 35 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-list-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

36a5185b3d8047b071c66abb9c08f5fe7c24048c57beac0fa1ea1a2effb88f7c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "64f2cfac1eb05236"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11181
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 33 KB
12 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f5f92a6593aaf2482f2c5a1ef1452893cfaab273e9754cf7507c396104d3dcb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "446fd021206c004d"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12302
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

655411f1e5dd3ce638ac156035c08cccc83c918a47e59353a1f71a005f1c65b5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "3c02c392ec17c39a"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4860
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 43 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

77e7179677771e6fabc15450dec78c54b46c12a754c5b95cd10a4db382356ca7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "b85b2aa809a39ac2"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13885
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 150 KB
40 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8e1020a82f6538f6ae9f6218cc1838c7d20d6874f0ff863a2f2c51d073abd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "92ef057000e5546d"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40806
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-video-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
9 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-video-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a6114681650601b6fde93b861478554623c6a660af78adb459cef21817837b68

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "79e71f195cb54853"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9527
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/v0/ 58 KB
17 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

efeac583f8545986493ae73a2ea6708ede477ec1180b9989dc668355b3bb95d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "4aa6a7ed697bdfd8"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17488
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/v0/ 104 KB
28 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-animation-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

35bbe2fed6b99518f9cdf8d5d692ad4ce2fe1da57e911f122fa176836f97e901

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "4a97b6aa2a2bef3b"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29050
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-position-observer-0.1.js Show response
cdn.ampproject.org/v0/ 9 KB
4 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-position-observer-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47bdf147d5de98303bbdb32c10bbe1c6e82b09f1f23edfd7b43a6e7ebea71dc8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "cbf5deb198e4eeb3"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3543
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 46 KB
15 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ee5af32a915bd00151dc121a72a82efe7ad2b00607170308ee065efc0a4e46

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "efcd2258326822df"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15589
x-xss-protection: 0
server: sffe
date: Mon, 14 Oct 2019 15:59:50 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
850 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:400,500|IBM+Plex+Sans:300,400,500

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

7419bf46a76af123025637f293600ee40fed46e30944b4d3fcaf9947c8e448be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 14 Oct 2019 15:59:50 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 14 Oct 2019 15:59:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 14 Oct 2019 15:59:50 GMT

GET
H2 200 ibm-common.js Show response
1.www.s81c.com/common/stats/ 186 KB
61 KB 27ms
13ms Script
application/javascript 2a02:26f0:eb:1a3::b3a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/stats/ibm-common.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:eb:1a3::b3a , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

84531b771bf6a715c0665366806125d04bdffbf724ff3d77c19f52c713756f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 00:18:00 GMT
etag: "2e8f0-59497735cfe00"
ntcoent-length: 190704
vary: Accept-Encoding
content-type: application/javascript
status: 200
epke-alive: timeout=10, max=100
cache-control: max-age=24068
strict-transport-security: max-age=2592000
accept-ranges: bytes
content-length: 62010
expires: Mon, 14 Oct 2019 22:40:58 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:400,500|IBM+Plex+Sans:300,400,500
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 05:08:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:47:55 GMT
server: sffe
age: 384687
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12872
x-xss-protection: 0
expires: Fri, 09 Oct 2020 05:08:23 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8151f87552052755282c1300d6b7590b30e29b2845d85af2626cb7b08bcdbc19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:400,500|IBM+Plex+Sans:300,400,500
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 05:06:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:22 GMT
server: sffe
age: 384810
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13716
x-xss-protection: 0
expires: Fri, 09 Oct 2020 05:06:20 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/011910071803120/v0/ 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071803120/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d8bdf377a989200a803544cbf036e76520ec1219c4274c7101e685c2715019d9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "430965cd47d2d961"
age: 501189
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2983
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:46:41 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:46:41 GMT

GET
H2 200 logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 7 KB
2 KB 23ms
18ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 9e6fcf49348b90eecc2524393f3a64ead45fc8faae869fada5d3f8fb2ad26b35

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac3450d66cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 972 B
655 B 22ms
17ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 790cfd19a8e033f96c28d63386fc4e3aff117ed855f762b40f39691a921de760

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac3450d67cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 search.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 951 B
508 B 20ms
20ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac3451d8bcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 close.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 898 B
480 B 21ms
21ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 7f25d60a14b865431ce31f8e2241549a651f539cc4a0a3ce14623f7a8cc77164

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac3451d8ccbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 topics.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 847 B
460 B 19ms
19ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/topics.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 62f909c2868671b545e7a1c2bd91bdaeb35e2c520752d2330697d0502ba7a7e9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac3451d8ecbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 3 KB
649 B 956ms
955ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=4&type=ibm_news&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6453c9c09235fc52e2e50a693cff182e3aaae29c96092cd1dcdd5271e133f18

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3452d9ecbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 taxonomies.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 1 KB
413 B 690ms
689ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/taxonomies.php?quantity=4&taxonomy=series&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34430799a65813f4b5812cae542700a83cee085231f0ee35574172d0b5fa47ac

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=31536000
cf-ray: 525ac3452da1cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 2 KB
502 B 924ms
923ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=3&category=industries&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61410ffdaeec8faad418d9a06beab66e0aff29982103997341aa7c3fbafc830

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3452da2cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 2 KB
584 B 967ms
967ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=4&category=x-force&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d9e09209274258fa22043d0984cf486f3b528d9a4cf4d856d481c192ac77ee

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3452da3cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 2 KB
605 B 958ms
958ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=4&type=ibm_media&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7b5caf955349b5bc1aff0ec3bc4fefab0a1418e9384d5cb5ac65c47420fcf7

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3452da5cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 2 KB
646 B 679ms
679ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=4&type=ibm_event&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e218d33081e0356352bb5ae25881ce96a254ae3ce55356545a0d9bf06ae669

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3452da7cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
DATA 200
OK truncated
/ 737 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 635af0203692525e35e867c4e8d671740f8df68ec32ba32f2cc57606d596c91c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0904606dbb327b3099575fd43be8c443b826bce9c55192e8f7f2a2af1db81061

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b6baa10284593ef2b3bc98916fa178001eed4e2e45f11f3df5602de0accbe5d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 christopher-kiefer.png
securityintelligence.com/wp-content/uploads/2019/05/ 259 KB
260 KB 161ms
160ms Image
image/png 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/05/christopher-kiefer.png
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: c6a12e391738ad19ed478c2dcd44678cbf291abf617d636bf1616fa0b738b180

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 265376
pragma: public
referrer-policy: same-origin
last-modified: Fri, 17 May 2019 18:11:31 GMT
server: cloudflare
etag: "40ca0-589194fe2bac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34edebfcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdP3pBms.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

07448ac2a8142e9e10ae393320d189506a4b3e141fb85aa88356ef81f367e964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:400,500|IBM+Plex+Sans:300,400,500
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 11:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:08 GMT
server: sffe
age: 360553
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13936
x-xss-protection: 0
expires: Fri, 09 Oct 2020 11:50:37 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYYnFBq4.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

288d0edce2b398cb452d2fceed89f7f92cfbe1de0370fadae31f701ab309bf21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:400,500|IBM+Plex+Sans:300,400,500
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 00:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:45:09 GMT
server: sffe
age: 316412
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13316
x-xss-protection: 0
expires: Sat, 10 Oct 2020 00:06:18 GMT

GET
H2 200 p_ca2b1353a9866ce282c32ebe6cb637239b14c006419a603e268f652811e8ead4.js Show response
tags.tiqcdn.com/dle/ibm/web/ 957 B
1 KB 9ms
9ms Script
application/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/dle/ibm/web/p_ca2b1353a9866ce282c32ebe6cb637239b14c006419a603e268f652811e8ead4.js
Requested by: Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FF5) /
Resource Hash: f2de152f2a6b871ebfeeb67880cb9b380868849546ada1431efac36042b34f88

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:50 GMT
etag: "40f04f2a5839db2c68058f5aa454a48d"
last-modified: Wed, 09 Oct 2019 08:37:40 GMT
server: ECAcc (frc/8FF5)
x-amz-request-id: E95EAE07E5D18409
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 957
x-amz-id-2: c/PJAMILhVnfIY+4YfiyvxVheO60o7/6wKqS3mQixiSoec7DYUUdxqxGJlqciCO91Ul54tXKwMM=
expires: Mon, 14 Oct 2019 16:59:50 GMT

GET
H2 200 ww.js Show response
cdn.ampproject.org/rtv/011910071803120/ 46 KB
14 KB 30ms
6ms Fetch
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071803120/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

689abddbbb30ec127b4f25769ecb186ef140f38e256c65c8e40a431348cc5446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "12358c0e75060da8"
age: 350801
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: sffe
date: Thu, 10 Oct 2019 14:33:09 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 09 Oct 2020 14:33:09 GMT

GET
H2 200 scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 715 B
436 B 16ms
16ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 8c59a32e7be7d4d735aff5c456a307fc28589e408b4732e24f0532765a1122b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:50 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac3460fcccbb0-VIE
expires: Tue, 13 Oct 2020 15:59:50 GMT

GET
H2 200 leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers-630x330.jpg
securityintelligence.com/wp-content/uploads/2019/09/ 20 KB
20 KB 606ms
606ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers-630x330.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 4f7465596b0cef74acbe4e14a8584d1b577aba841280b6223b025a1e09174f77

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 20326
pragma: public
referrer-policy: same-origin
last-modified: Wed, 25 Sep 2019 10:00:22 GMT
server: cloudflare
etag: "4f66-5935db8a8e224"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac3460fcbcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 2 KB
531 B 1045ms
1044ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=3&category=&post__not_in=406068&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71873f13128579299fd1091c41e3272f8ecdec965e675144ecbfb4a9cb8f7961

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3460fc6cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 posts.php Show response
securityintelligence.com/wp-content/themes/sapphire/app/jsons/ 2 KB
701 B 1088ms
1088ms Fetch
application/json 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/app/jsons/posts.php?quantity=4&category=threats&post__not_in=406068&__amp_source_origin=https%3A%2F%2Fsecurityintelligence.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822c8f27034e1e4886caa5d3747ee0743274d7d3a072ef17940e79054c672b9d

Request headers

Accept: application/json
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
AMP-Same-Origin: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://securityintelligence.com
cache-control: max-age=31536000
cf-ray: 525ac3460fcacbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
BLOB 200
OK d381cb65-a48e-49a3-823d-1e6914e8bb3d
https://securityintelligence.com/ 46 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securityintelligence.com/d381cb65-a48e-49a3-823d-1e6914e8bb3d
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-bind-0.1.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 890a19b6ced3391d812799bf469c3d36b9de072b562c59d9a7fc75710084bbf6

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 47567
Content-Type: text/javascript

GET
H2 200 si-event-qradarOct-feature-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 5 KB
6 KB 568ms
567ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/si-event-qradarOct-feature-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 7db6ffbba56dc7904f92bfb09b89eaa1cd796ea0bb2a258e047f0fe7fa1bf446

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 5602
pragma: public
referrer-policy: same-origin
last-modified: Fri, 11 Oct 2019 20:18:39 GMT
server: cloudflare
etag: "15e2-594a83938ec00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b91ecbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 si-event-securityAlliance-feature-1-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 10 KB
10 KB 151ms
150ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/si-event-securityAlliance-feature-1-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 57f72b2879c93bdc74f5cbd7c893f94f21299712b555e63da1bf49cc98ff7c84

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 10614
pragma: public
referrer-policy: same-origin
last-modified: Thu, 10 Oct 2019 14:33:16 GMT
server: cloudflare
etag: "2976-5948f48382e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b91acbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 si-event-californiaProtectionAct-feature-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 9 KB
9 KB 548ms
546ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/si-event-californiaProtectionAct-feature-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 02c0484092f28225e82b90e3c8ff9aaea81e5444b9674f7ca941d5b49a56f391

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 8740
pragma: public
referrer-policy: same-origin
last-modified: Fri, 04 Oct 2019 16:49:30 GMT
server: cloudflare
etag: "2224-594187c628056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b915cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 si-event-UEMprotection-feature-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 7 KB
7 KB 552ms
550ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/si-event-UEMprotection-feature-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: a573d970fff2a96dc45df45a04cf0b37bf72a8d7c5370342053902bd2203e064

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 7552
pragma: public
referrer-policy: same-origin
last-modified: Fri, 04 Oct 2019 16:43:33 GMT
server: cloudflare
etag: "1d80-59418671ddba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b90bcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 events.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 1 KB
410 B 21ms
20ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/events.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 26f0a6667c9709704a6914e4f1119125b072c56576ee8c699d4c39268d3a3566

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac349b920cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 SI-series-voices-of-security-1200x630-630x330.jpg
securityintelligence.com/wp-content/uploads/2018/12/ 9 KB
9 KB 152ms
150ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2018/12/SI-series-voices-of-security-1200x630-630x330.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 39e02694389cb1d56108a608830e4d45b7b824b2979cb2b6996293727a3768e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 8924
pragma: public
referrer-policy: same-origin
last-modified: Fri, 20 Sep 2019 10:09:15 GMT
server: cloudflare
etag: "22dc-592f94333ee6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b917cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 si-codb-feature-630x330.jpg
securityintelligence.com/wp-content/uploads/2019/07/ 8 KB
8 KB 551ms
550ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/07/si-codb-feature-630x330.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: b543924d68d2e019c1dffa5fd22919e372b2f7ee61cce6dff1965f72dfcf31b7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 8362
pragma: public
referrer-policy: same-origin
last-modified: Fri, 20 Sep 2019 10:09:15 GMT
server: cloudflare
etag: "20aa-592f94333a04d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b919cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 SI-Series-XforceRedinAction-Feature-1-630x330.jpg
securityintelligence.com/wp-content/uploads/2018/07/ 5 KB
5 KB 548ms
547ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2018/07/SI-Series-XforceRedinAction-Feature-1-630x330.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: f27ec48db523beef2b7190350943033554bc23107ea6d26215c522cb95ddfb83

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 5528
pragma: public
referrer-policy: same-origin
last-modified: Fri, 20 Sep 2019 10:09:15 GMT
server: cloudflare
etag: "1598-592f94332e8b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b91ccbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 si-series-jobsInCybersecurity-1-630x330.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 24 KB
24 KB 568ms
567ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/si-series-jobsInCybersecurity-1-630x330.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 4e2ffe1c780ed2d6530c62331b147bdd7d4acf43312ad3e44766bfb91f23b680

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 24750
pragma: public
referrer-policy: same-origin
last-modified: Tue, 01 Oct 2019 19:41:40 GMT
server: cloudflare
etag: "60ae-593de8a8e1209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac349b910cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 series.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 645 B
323 B 18ms
17ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/series.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 3ec7980abbfb7fea2bc2f5677ace5fbc8840c8e2562ca9d2bb4813b39e49b2ed

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac349b91fcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 why-cities-shouldnt-pay-ransomware-criminals-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 9 KB
9 KB 553ms
552ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/why-cities-shouldnt-pay-ransomware-criminals-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 2c8096aacc371b3475804ef35a3dffc335b716b170904a19f121bb57dc8eab1b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 8782
pragma: public
referrer-policy: same-origin
last-modified: Thu, 10 Oct 2019 10:00:20 GMT
server: cloudflare
etag: "224e-5948b78278acb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b2d5fcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 ramnit-targets-japanese-shoppers-aiming-at-top-fashion-brands-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 6 KB
6 KB 156ms
155ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/ramnit-targets-japanese-shoppers-aiming-at-top-fashion-brands-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: a522a8a90763446a4028f08c49f86bcb4a55abdf06a792891be44c7d7f77737b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 5860
pragma: public
referrer-policy: same-origin
last-modified: Thu, 03 Oct 2019 10:00:22 GMT
server: cloudflare
etag: "16e4-593fea76124cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b2d64cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 external_how-do-you-secure-a-smart-city-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/09/ 6 KB
6 KB 549ms
548ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/external_how-do-you-secure-a-smart-city-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: e89c96161913b0b05c8d03650a0d734f3330700e0e83177812a5c7202c5a000f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 6178
pragma: public
referrer-policy: same-origin
last-modified: Fri, 27 Sep 2019 11:15:22 GMT
server: cloudflare
etag: "1822-5938700903eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b2d67cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 industries.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 798 B
483 B 18ms
17ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/industries.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 387fa522300a6853995e82acc99954fc4e12a8851ce2eddf80e0bb5c6f4cf347

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac34b2d68cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 imposter-email-attacks-targeting-heathcare-increased-by-300-percent-between-q1-2018-and-q1-2019-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 5 KB
5 KB 152ms
151ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/imposter-email-attacks-targeting-heathcare-increased-by-300-percent-between-q1-2018-and-q1-2019-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 302149ea5ebce2c630e20a941f7aad719643f1845c8689f4abef83b50120c557

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 4656
pragma: public
referrer-policy: same-origin
last-modified: Mon, 14 Oct 2019 15:15:23 GMT
server: cloudflare
etag: "1230-594e05638160c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b6e2fcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 new-bitpaymer-ransomware-campaign-exploits-apple-zero-day-vulnerability-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 8 KB
8 KB 148ms
147ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/new-bitpaymer-ransomware-campaign-exploits-apple-zero-day-vulnerability-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: e5fd09bc762b0b58d235fe150a73ac17a7307d44c9d2e68126afeec5c6ac7b96

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 8158
pragma: public
referrer-policy: same-origin
last-modified: Mon, 14 Oct 2019 15:10:23 GMT
server: cloudflare
etag: "1fde-594e0445658fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b6e25cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 si-newsroundup-feature-1-1-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 2 KB
3 KB 551ms
550ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/si-newsroundup-feature-1-1-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: c571189e408f7ab2b26f2bec7b2315fe9f3678ecd9180eed945853fc905c444e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 2476
pragma: public
referrer-policy: same-origin
last-modified: Mon, 14 Oct 2019 12:00:24 GMT
server: cloudflare
etag: "9ac-594dd9ce3a159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b6e30cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 news_georgia-city-avoids-data-loss-after-third-ransomware-attack-of-2019-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 5 KB
5 KB 158ms
156ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/news_georgia-city-avoids-data-loss-after-third-ransomware-attack-of-2019-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 9801f55b301a84f0b19e735a29ad63b80e5e2969f5acd5e10f72997ac55f9648

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 5080
pragma: public
referrer-policy: same-origin
last-modified: Wed, 09 Oct 2019 20:30:23 GMT
server: cloudflare
etag: "13d8-5948027887ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b6e2acbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 news.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 952 B
479 B 18ms
17ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/news.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 4a306d44cac4e4128af886f1a3da94238ee7524fb0fbae0cbcc5769070c87f40

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac34b6e32cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 podcast-cloud-security-and-the-road-to-transformation-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/09/ 20 KB
20 KB 582ms
580ms Image
image/jpeg 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/podcast-cloud-security-and-the-road-to-transformation-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 8f6641ba6b02257f38c86a0f896c58c8391d27135370445f0edbee5caad969b7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 20009
pragma: public
referrer-policy: same-origin
last-modified: Tue, 10 Sep 2019 15:00:24 GMT
server: cloudflare
etag: "4e29-5923429fdb200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34b6e27cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 podcast-are-you-prepared-to-respond-to-a-destructive-malware-attack-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/08/ 16 KB
16 KB 574ms
572ms Image
image/jpeg 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/08/podcast-are-you-prepared-to-respond-to-a-destructive-malware-attack-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 47067a74004abccac7d44dacaf56c9b7bc40a371989c18e485ddc584070033e9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 16093
pragma: public
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2019 11:10:23 GMT
server: cloudflare
etag: "3edd-58f70def105c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34b6e24cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 podcast-as-data-privacy-regulations-evolve-companies-must-adapt-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/07/ 10 KB
10 KB 157ms
156ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/07/podcast-as-data-privacy-regulations-evolve-companies-must-adapt-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 1884b01d0c83eaa10b10472779d3d226bf6429a2a519b77ca06694bb3f692285

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 10388
pragma: public
referrer-policy: same-origin
last-modified: Mon, 23 Sep 2019 17:43:56 GMT
server: cloudflare
etag: "2894-5933bf6c9363c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b6e31cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 podcast-key-takeaways-from-the-2019-cost-of-a-data-breach-report-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/07/ 21 KB
21 KB 152ms
151ms Image
image/jpeg 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/07/podcast-key-takeaways-from-the-2019-cost-of-a-data-breach-report-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 3a031415d384192fb7f18fbdcfb65c86ce3c624f26d15c66cf16ff69c524de8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:51 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 21102
pragma: public
referrer-policy: same-origin
last-modified: Tue, 23 Jul 2019 11:00:27 GMT
server: cloudflare
etag: "526e-58e5719a388c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34b6e2bcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 podcast.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 697 B
390 B 19ms
18ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/podcast.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 3d44e96af1e12b94bbc7fcb5bb3fced1a9e3c197f3f02312f342771c21a1e782

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac34b6e34cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 why-fixing-security-vulnerabilities-is-not-that-simple-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/10/ 6 KB
7 KB 570ms
570ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/10/why-fixing-security-vulnerabilities-is-not-that-simple-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: f16649bf77ed98d6cb44d32bec5a2ed4927d9d2e523adaa227795fa3086eb2fe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 6622
pragma: public
referrer-policy: same-origin
last-modified: Tue, 01 Oct 2019 10:00:24 GMT
server: cloudflare
etag: "19de-593d66bd021c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b7e65cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/09/ 8 KB
8 KB 562ms
561ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: aba40e1bfaf9721176395d3c9b4a44cb2134463634fbe9d857b1997a4091b7c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 8296
pragma: public
referrer-policy: same-origin
last-modified: Wed, 25 Sep 2019 10:00:22 GMT
server: cloudflare
etag: "2068-5935db8a9fb65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b7e64cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 the-art-of-patch-management-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/09/ 7 KB
8 KB 552ms
552ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/the-art-of-patch-management-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 7a2f3e3b904f7dc4e8766cf839c3852b569e651346f0859310a91248b9d25bef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 7618
pragma: public
referrer-policy: same-origin
last-modified: Fri, 20 Sep 2019 10:09:38 GMT
server: cloudflare
etag: "1dc2-592f9448d03ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac34b7e63cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 threat-research.svg
securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/ 1 KB
509 B 18ms
17ms Image
image/svg+xml 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/post-type-icons/threat-research.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: dfa93d222965b21a07c53fd598cd3fbed9365a782859e8c3f3652eed7e1ae622

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Oct 2019 15:59:51 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
age: 1799
x-powered-by: W3 Total Cache/0.10.1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
cf-ray: 525ac34b7e5fcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:51 GMT

GET
H2 200 internal_how-can-financial-services-stem-the-tide-of-mobile-phishing-attacks-300x158.png
securityintelligence.com/wp-content/uploads/2019/09/ 70 KB
70 KB 268ms
268ms Image
image/png 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/internal_how-can-financial-services-stem-the-tide-of-mobile-phishing-attacks-300x158.png
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 048e9a80c41685de83421ddbfde40253387158b5455c1a157ad71d342ddfda5e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 71436
pragma: public
referrer-policy: same-origin
last-modified: Thu, 05 Sep 2019 11:00:23 GMT
server: cloudflare
etag: "1170c-591cc3a6affc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34eff08cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 more_eggs-anyone-threat-actor-itg08-strikes-again-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/08/ 16 KB
17 KB 259ms
258ms Image
image/jpeg 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/08/more_eggs-anyone-threat-actor-itg08-strikes-again-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: e6538410a9a3f266323d73b8dab0a6b8f284d0108f6a22fb18953ca663713560

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 16844
pragma: public
referrer-policy: same-origin
last-modified: Thu, 29 Aug 2019 10:00:46 GMT
server: cloudflare
etag: "41cc-5913e9452af80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34eff36cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 what-are-advanced-persistent-threats-apts-and-how-do-you-find-them-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/08/ 17 KB
17 KB 251ms
250ms Image
image/jpeg 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/08/what-are-advanced-persistent-threats-apts-and-how-do-you-find-them-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 34f63eb90a4502643b942715f2ffe492f07a1874b68ee245a282baaa5347d16e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 17442
pragma: public
referrer-policy: same-origin
last-modified: Wed, 28 Aug 2019 11:00:20 GMT
server: cloudflare
etag: "4422-5912b4b823900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34f0f57cbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 from-backhoes-to-operating-systems-the-top-five-atm-security-weaknesses-300x158.jpg
securityintelligence.com/wp-content/uploads/2019/08/ 19 KB
20 KB 157ms
157ms Image
image/jpeg 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/08/from-backhoes-to-operating-systems-the-top-five-atm-security-weaknesses-300x158.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 4bcb9b03832289829b62375b817ee40dcf309123c18969c800b2638f81d1fd3c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:52 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 19886
pragma: public
referrer-policy: same-origin
last-modified: Thu, 08 Aug 2019 10:00:22 GMT
server: cloudflare
etag: "4dae-58f9820399980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 525ac34fc95bcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:52 GMT

GET
H2 200 si-magecartKillChain-inpost.jpg
securityintelligence.com/wp-content/uploads/2019/09/ 53 KB
53 KB 281ms
280ms Image
image/webp 2606:4700:30::681b:9b90
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/09/si-magecartKillChain-inpost.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:9b90 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.10.1
Resource Hash: 427b80d31e013a75b89fce8aa20ac47f3a4fd45bb58572080a915a2978f29a5f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:59:57 GMT
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.10.1
status: 200
content-length: 53804
pragma: public
referrer-policy: same-origin
last-modified: Thu, 26 Sep 2019 13:52:15 GMT
server: cloudflare
etag: "d22c-5937513c46900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age= 31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 525ac3726f6bcbb0-VIE
expires: Tue, 13 Oct 2020 15:59:57 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.securityintelligence.com/	1970-01-19 13:10:04	Name: __cfduid Value: d69e052f3a3b05176ce61c402fb2e042a1571068792

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/v0.js(Line 541) Message: Powered by AMP ⚡ HTML – Version 1910071803120 https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/
console-api	error	URL: https://cdn.ampproject.org/v0.js(Line 127) Message: localStorage not supported.
console-api	warning	URL: https://cdn.ampproject.org/v0.js(Line 8) Message: [CustomElement] Cannot resize element and overflow is not available [object HTMLElement]
console-api	warning	URL: https://cdn.ampproject.org/v0.js(Line 8) Message: [CustomElement] Cannot resize element and overflow is not available [object HTMLElement]
console-api	log	URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/(Line 112) Message: [object NodeList]
console-api	log	URL: https://securityintelligence.com/posts/leading-magecart-group-targeting-captive-wi-fi-users-via-l7-routers/(Line 113) Message: [object NodeList]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.www.s81c.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
securityintelligence.com
tags.tiqcdn.com
152.199.23.241
2606:4700:30::681b:9b90
2a00:1450:4001:817::200a
2a00:1450:4001:824::2001
2a00:1450:4001:825::2003
2a02:26f0:eb:1a3::b3a
02c0484092f28225e82b90e3c8ff9aaea81e5444b9674f7ca941d5b49a56f391
048e9a80c41685de83421ddbfde40253387158b5455c1a157ad71d342ddfda5e
07448ac2a8142e9e10ae393320d189506a4b3e141fb85aa88356ef81f367e964
0904606dbb327b3099575fd43be8c443b826bce9c55192e8f7f2a2af1db81061
0c7b5caf955349b5bc1aff0ec3bc4fefab0a1418e9384d5cb5ac65c47420fcf7
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
1884b01d0c83eaa10b10472779d3d226bf6429a2a519b77ca06694bb3f692285
1e8e1020a82f6538f6ae9f6218cc1838c7d20d6874f0ff863a2f2c51d073abd7
26f0a6667c9709704a6914e4f1119125b072c56576ee8c699d4c39268d3a3566
288d0edce2b398cb452d2fceed89f7f92cfbe1de0370fadae31f701ab309bf21
2c8096aacc371b3475804ef35a3dffc335b716b170904a19f121bb57dc8eab1b
302149ea5ebce2c630e20a941f7aad719643f1845c8689f4abef83b50120c557
34430799a65813f4b5812cae542700a83cee085231f0ee35574172d0b5fa47ac
34f63eb90a4502643b942715f2ffe492f07a1874b68ee245a282baaa5347d16e
35bbe2fed6b99518f9cdf8d5d692ad4ce2fe1da57e911f122fa176836f97e901
36a5185b3d8047b071c66abb9c08f5fe7c24048c57beac0fa1ea1a2effb88f7c
387fa522300a6853995e82acc99954fc4e12a8851ce2eddf80e0bb5c6f4cf347
39e02694389cb1d56108a608830e4d45b7b824b2979cb2b6996293727a3768e3
3a031415d384192fb7f18fbdcfb65c86ce3c624f26d15c66cf16ff69c524de8a
3b6baa10284593ef2b3bc98916fa178001eed4e2e45f11f3df5602de0accbe5d
3d44e96af1e12b94bbc7fcb5bb3fced1a9e3c197f3f02312f342771c21a1e782
3ec7980abbfb7fea2bc2f5677ace5fbc8840c8e2562ca9d2bb4813b39e49b2ed
427b80d31e013a75b89fce8aa20ac47f3a4fd45bb58572080a915a2978f29a5f
47067a74004abccac7d44dacaf56c9b7bc40a371989c18e485ddc584070033e9
47bdf147d5de98303bbdb32c10bbe1c6e82b09f1f23edfd7b43a6e7ebea71dc8
4a306d44cac4e4128af886f1a3da94238ee7524fb0fbae0cbcc5769070c87f40
4bcb9b03832289829b62375b817ee40dcf309123c18969c800b2638f81d1fd3c
4e2ffe1c780ed2d6530c62331b147bdd7d4acf43312ad3e44766bfb91f23b680
4f7465596b0cef74acbe4e14a8584d1b577aba841280b6223b025a1e09174f77
57f72b2879c93bdc74f5cbd7c893f94f21299712b555e63da1bf49cc98ff7c84
5f5f92a6593aaf2482f2c5a1ef1452893cfaab273e9754cf7507c396104d3dcb
62f909c2868671b545e7a1c2bd91bdaeb35e2c520752d2330697d0502ba7a7e9
635af0203692525e35e867c4e8d671740f8df68ec32ba32f2cc57606d596c91c
655411f1e5dd3ce638ac156035c08cccc83c918a47e59353a1f71a005f1c65b5
689abddbbb30ec127b4f25769ecb186ef140f38e256c65c8e40a431348cc5446
71873f13128579299fd1091c41e3272f8ecdec965e675144ecbfb4a9cb8f7961
7419bf46a76af123025637f293600ee40fed46e30944b4d3fcaf9947c8e448be
77e7179677771e6fabc15450dec78c54b46c12a754c5b95cd10a4db382356ca7
790cfd19a8e033f96c28d63386fc4e3aff117ed855f762b40f39691a921de760
7a2f3e3b904f7dc4e8766cf839c3852b569e651346f0859310a91248b9d25bef
7ce5498631a1dc4fbdf8b825a5e7a9d408a4cda27bf2589006ba61aa8b58006b
7db6ffbba56dc7904f92bfb09b89eaa1cd796ea0bb2a258e047f0fe7fa1bf446
7f25d60a14b865431ce31f8e2241549a651f539cc4a0a3ce14623f7a8cc77164
8151f87552052755282c1300d6b7590b30e29b2845d85af2626cb7b08bcdbc19
822c8f27034e1e4886caa5d3747ee0743274d7d3a072ef17940e79054c672b9d
84531b771bf6a715c0665366806125d04bdffbf724ff3d77c19f52c713756f32
84d9e09209274258fa22043d0984cf486f3b528d9a4cf4d856d481c192ac77ee
890a19b6ced3391d812799bf469c3d36b9de072b562c59d9a7fc75710084bbf6
8c59a32e7be7d4d735aff5c456a307fc28589e408b4732e24f0532765a1122b1
8f6641ba6b02257f38c86a0f896c58c8391d27135370445f0edbee5caad969b7
9801f55b301a84f0b19e735a29ad63b80e5e2969f5acd5e10f72997ac55f9648
9e6fcf49348b90eecc2524393f3a64ead45fc8faae869fada5d3f8fb2ad26b35
a37fcf7c9613fa14cc4ba2116c83499c5f3ec90365eb5b50c61d8c7a559540ae
a522a8a90763446a4028f08c49f86bcb4a55abdf06a792891be44c7d7f77737b
a573d970fff2a96dc45df45a04cf0b37bf72a8d7c5370342053902bd2203e064
a6114681650601b6fde93b861478554623c6a660af78adb459cef21817837b68
aba40e1bfaf9721176395d3c9b4a44cb2134463634fbe9d857b1997a4091b7c3
b543924d68d2e019c1dffa5fd22919e372b2f7ee61cce6dff1965f72dfcf31b7
c571189e408f7ab2b26f2bec7b2315fe9f3678ecd9180eed945853fc905c444e
c6a12e391738ad19ed478c2dcd44678cbf291abf617d636bf1616fa0b738b180
ca215e734899c7be6083e5659a03cf176227ddbda5eb37e47e0de2123ff68044
cccb0620c9dd317ffdf8083efcd56306e3d01f02ee150eb64c55d6cce2e56c4d
d2e218d33081e0356352bb5ae25881ce96a254ae3ce55356545a0d9bf06ae669
d2ee5af32a915bd00151dc121a72a82efe7ad2b00607170308ee065efc0a4e46
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
d61410ffdaeec8faad418d9a06beab66e0aff29982103997341aa7c3fbafc830
d6453c9c09235fc52e2e50a693cff182e3aaae29c96092cd1dcdd5271e133f18
d8bdf377a989200a803544cbf036e76520ec1219c4274c7101e685c2715019d9
dd8b89ee76a7160e22fc68d70cd156fde5dbaa6da5bb7b28dbb9d51222a0c92d
dfa93d222965b21a07c53fd598cd3fbed9365a782859e8c3f3652eed7e1ae622
e5fd09bc762b0b58d235fe150a73ac17a7307d44c9d2e68126afeec5c6ac7b96
e6538410a9a3f266323d73b8dab0a6b8f284d0108f6a22fb18953ca663713560
e89c96161913b0b05c8d03650a0d734f3330700e0e83177812a5c7202c5a000f
efeac583f8545986493ae73a2ea6708ede477ec1180b9989dc668355b3bb95d2
f16649bf77ed98d6cb44d32bec5a2ed4927d9d2e523adaa227795fa3086eb2fe
f23438883542eaa115f56848c583c4354cd98ae526d571d92045cc74b4e38124
f27ec48db523beef2b7190350943033554bc23107ea6d26215c522cb95ddfb83
f2de152f2a6b871ebfeeb67880cb9b380868849546ada1431efac36042b34f88

securityintelligence.com Open in urlscan Pro 2606:4700:30::681b:9b90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

1088 kBTransfer

2045 kBSize

1 Cookies

17 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityintelligence.com Open in urlscan Pro
2606:4700:30::681b:9b90 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

1088 kB
Transfer

2045 kB
Size

1
Cookies

75 HTTP transactions
3 data transactions