blogs.akamai.com Open in urlscan Pro
2a02:26f0:6c00:2a0::2469 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-...
Submission Tags: falconsandbox
Submission: On January 08 via api (January 8th 2021, 2:04:53 pm UTC) from US

Summary HTTP 113 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 29 domains to perform 113 HTTP transactions. The main IP is 2a02:26f0:6c00:2a0::2469, located in Ascension Island and belongs to AKAMAI-ASN1, NL. The main domain is blogs.akamai.com.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on March 11th 2020. Valid for: a year.

This is the only time blogs.akamai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::2469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a02:26f0:6c0... 2a02:26f0:6c00:28a::6a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
2	104.111.236.192 104.111.236.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.85.115.119 52.85.115.119	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2db0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.85.115.95 52.85.115.95	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	143.204.202.20 143.204.202.20	16509 (AMAZON-02) (AMAZON-02)
2 2	52.31.242.159 52.31.242.159	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.202.127 143.204.202.127	16509 (AMAZON-02) (AMAZON-02)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
8	18.210.215.148 18.210.215.148	14618 (AMAZON-AES) (AMAZON-AES)
4	52.48.222.54 52.48.222.54	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
113	31

14 2a02:26f0:6c00:2a0::2469 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

blogs.akamai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:6c00:28a::6a3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

www.akamai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba4b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.236.192 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-192.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.115.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-119.hel50.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:28a::2db0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.50 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.115.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-95.hel50.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

642-skn-449.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-20.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.242.159 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-242-159.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.127 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-127.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.210.215.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-215-148.compute-1.amazonaws.com

ing-district.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.222.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-222-54.eu-west-1.compute.amazonaws.com

c.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	akamai.com blogs.akamai.com www.akamai.com	1 MB
17	clicktale.net cdnssl.clicktale.net ing-district.clicktale.net c.clicktale.net	135 KB
6	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	192 KB
6	cookielaw.org cdn.cookielaw.org	112 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	google.de www.google.de	1 KB
3	google.com www.google.com	1 KB
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	facebook.com www.facebook.com	524 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	facebook.net connect.facebook.net	93 KB
2	marketo.net munchkin.marketo.net	7 KB
2	googleadservices.com www.googleadservices.com	24 KB
2	akamaihd.net ds-aksb-a.akamaihd.net	5 KB
1	twitter.com analytics.twitter.com	651 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	rlcdn.com id.rlcdn.com	66 B
1	mktoresp.com 642-skn-449.mktoresp.com	311 B
1	t.co t.co	449 B
1	linkedin.com px.ads.linkedin.com	681 B
1	ml-api.io attr.ml-api.io	485 B
1	ml-attr.com 1 redirects s.ml-attr.com	275 B
1	demandbase.com scripts.demandbase.com	19 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	83 KB
113	29

	Domain	Requested by
24	www.akamai.com	blogs.akamai.com
14	blogs.akamai.com	blogs.akamai.com
8	ing-district.clicktale.net	cdnssl.clicktale.net
6	cdn.cookielaw.org	blogs.akamai.com cdn.cookielaw.org
5	cdnssl.clicktale.net	blogs.akamai.com cdnssl.clicktale.net
4	c.clicktale.net	blogs.akamai.com
4	www.google-analytics.com	blogs.akamai.com www.google-analytics.com
4	s7.addthis.com	blogs.akamai.com s7.addthis.com
3	www.google.de	blogs.akamai.com
3	www.google.com	blogs.akamai.com
2	segments.company-target.com	1 redirects blogs.akamai.com
2	match.prod.bidr.io	2 redirects
2	www.facebook.com	blogs.akamai.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	secure.adnxs.com	2 redirects
2	connect.facebook.net	blogs.akamai.com connect.facebook.net
2	munchkin.marketo.net	blogs.akamai.com munchkin.marketo.net
2	www.googleadservices.com	www.googletagmanager.com
2	ds-aksb-a.akamaihd.net	blogs.akamai.com
1	api-public.addthis.com	s7.addthis.com
1	analytics.twitter.com	static.ads-twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	id.rlcdn.com	blogs.akamai.com
1	api.company-target.com	scripts.demandbase.com
1	642-skn-449.mktoresp.com	munchkin.marketo.net
1	t.co	blogs.akamai.com
1	px.ads.linkedin.com	blogs.akamai.com
1	attr.ml-api.io	blogs.akamai.com
1	s.ml-attr.com	1 redirects
1	scripts.demandbase.com	blogs.akamai.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	blogs.akamai.com
113	36

This site contains links to these domains. Also see Links.

Domain
www.akamai.com
www.ir.akamai.com
developer.akamai.com
control.akamai.com
akamai.com
learn.akamai.com
community.akamai.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
blogs.akamai.com DigiCert Secure Site ECC CA-1	`2020-03-11` - `2021-06-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
www.akamai.com DigiCert Secure Site ECC CA-1	`2020-09-17` - `2021-09-17`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.ml-api.io Amazon	`2020-02-06` - `2021-03-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-02-18` - `2021-02-06`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
c.clicktale.net Amazon	`2020-10-13` - `2021-11-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Frame ID: 164CC89ACF2116B293A4AB3FE7ACA0E2
Requests: 113 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 81395293E300F40128E8B8293701906F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B6072E3BBCDF9E3BE0017A06C09DCB56
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

113
Requests

92 %
HTTPS

45 %
IPv6

29
Domains

36
Subdomains

31
IPs

6
Countries

1796 kB
Transfer

5084 kB
Size

20
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://www.akamai.com/us/en/about/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/workplace-diversity.jsp
Title: Diversity

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/company-history.jsp
Title: Company History

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/locations.jsp
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/leadership/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/corporate-responsibility/
Title: Corporate Responsibility

Search URL Search Domain Scan URL

URL: http://www.ir.akamai.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/our-thinking/
Title: Our Thinking

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/partners/
Title: Our Partners

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us.jsp
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/cdn/
Title: CDN

Search URL Search Domain Scan URL

URL: https://developer.akamai.com/
Title: Developers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/akamai-free-trials.jsp
Title: Free Trials

Search URL Search Domain Scan URL

URL: https://control.akamai.com/
Title: Customer Login

Search URL Search Domain Scan URL

URL: https://akamai.com/
Title: Akamai.com

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/world-class-digital-experiences.jsp
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/intelligent-platform/
Title: Intelligent Edge Platform

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/threat-research.jsp
Title: Threat Research

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/security.jsp
Title: Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/performance/
Title: Web Performance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/media/ott-media-delivery.jsp
Title: Media Delivery

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/performance/devops.jsp
Title: DevOps

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/
Title: View All Solutions

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/financial-cdn-services.jsp
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/hotel-travel-cdn-services.jsp
Title: Hotel & Travel

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/media-entertainment-cdn-services.jsp
Title: Media & Entertainment

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/public-sector-cdn-services.jsp
Title: Public Sector

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/retail-consumer-cdn-services.jsp
Title: Retail & Consumer Goods

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/software-technology-cdn-services.jsp
Title: Software & Technology

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/
Title: View All Solutions

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/performance/
Title: Web Performance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/media-delivery/
Title: Media Delivery

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/network-operator/
Title: Network Operator

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/services/
Title: Services

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/our-customers.jsp
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/visualizing-akamai/
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/information-security/
Title: Information Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/threat-advisories/
Title: Threat Advisories

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/for-cios/
Title: For CIOs

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/state-of-the-internet-report/
Title: State of the Internet Report

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/library.jsp
Title: Document Library

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/cdn-and-cloud-services-glossary.jsp
Title: Glossary

Search URL Search Domain Scan URL

URL: https://learn.akamai.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://community.akamai.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/library.jsp
Title: FEATURED Our Library Search our library for helpful resources on topics you care about. Learn More

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/support/global-support-phone-numbers.jsp
Title: Global Support Phone Numbers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/support/
Title: Support Resources

Search URL Search Domain Scan URL

URL: https://community.akamai.com/customers/s/support
Title: Support on Community

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/stop-ddos-attacks.jsp
Title: UNDER ATTACK Are You Under Attack? Contact the DDoS Attack Hotline for emergency DDoS protection. Act Now

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/
Title: CONTACT Get in touch Want to get in touch with us? There are multiple ways to contact an Akamai representative. Contact Now

Search URL Search Domain Scan URL

URL: https://community.akamai.com/community/security-research-and-intelligence
Title: https://community.akamai.com/community/security-research-and-intelligence

Search URL Search Domain Scan URL

URL: http://www.ir.akamai.com/phoenix.zhtml?c=75943&p=irol-irhome
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/compliance/
Title: Compliance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/student-jobs-internships.jsp
Title: Students

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/working-at-akamai.jsp
Title: Working at Akamai

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/media-resources.jsp
Title: Media Resources

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/press-contacts.jsp
Title: Press Contacts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AkamaiTechnologies/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/akamai-technologies
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Akamai
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/akamaitechnologies
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/compliance/data-protection-at-akamai.jsp
Title: TRUST CENTER

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/privacy-policies/
Title: Policy Details

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/
Title: www.akamai.com

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/privacy-policies/legal-notices.jsp
Title: EMEA Legal Notices

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/contact-webmaster.jsp
Title: Webmaster

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/multimedia/documents/akamai/akamai-privacy-statement.pdf
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dakamai.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=akamai.com&pId=2284970167819395167

Request Chain 78

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAHTOU6_8M0AAA_TzFgtVg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHTOU6_8M0AAA_TzFgtVg&verifyHash=9bc36138855c4f4fa1a1cae55eb283af196dc1ee

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html Show response
blogs.akamai.com/sitr/2020/08/ 144 KB
23 KB 136ms
111ms Document
text/html 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dce60b65c3a2523cfe5906cf9486a9610b51f6ec3469be1097c90614f4a3a7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: blogs.akamai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Thu, 19 Nov 2020 13:38:04 GMT
ETag: "23c5c-5b475d661a88e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
X-Akamai-Transformed: 9 - 0 pmb=mRUM,1
Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Length: 23030
Connection: keep-alive
Set-Cookie: ak_bmsc=DCEAB8CF61D8A9AB8CF741CB6762A5D50210BAA4EF5700007366F85FCEAB5932~plR/LvwDUaau0A0WqhrcOUxwikuyzZCi2Fh3UlhJZrT/Q380EGAoU9Z01c4owhMK0tp1LNz6RR5FDbU+NyaOMgFi4G6Lh1EttE2nAVHcyBpN+PFXWDkO5nn4UPS6nfR/JxADJadc5FGoiVjN5sCCEJ+kd24C+1w0pgnqWxokFJ5b3BxazA1rLGbrnnoqWHabvv+ptXX3B0bntnBMPYhkJQsTnpdudcGoc1oDQJrtpmsPQ=; expires=Fri, 08 Jan 2021 16:04:35 GMT; max-age=7200; path=/; domain=.akamai.com; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 44ms
23ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f402de9f1e432c10350864d4d9a3f348bea192abfd0785e40f7ab1c49006ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Jan 2021 14:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRlLWe4rLmFqey3kX60iuw==
age: 3594
vary: Accept-Encoding
content-length: 4145
cf-request-id: 0783e949f700002c427f1ca000000001
x-ms-lease-status: unlocked
last-modified: Wed, 06 Jan 2021 15:14:28 GMT
server: cloudflare
etag: 0x8D8B255C31E8A58
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dd0984f9-f01e-0084-084c-e48ece000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 60e677efee0d2c42-FRA

GET
H/1.1 200
OK styles-31.css
blogs.akamai.com/sitr/ 524 B
643 B 33ms
31ms Stylesheet
text/css 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/sitr/styles-31.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9b8e4ce379725beb99115050b7339852a1281bdab67ef7bc271a4a48b46969a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 19 Nov 2019 11:09:51 GMT
ETag: "20c-597b11a62360b-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 201
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK mt.js Show response
blogs.akamai.com/ 31 KB
9 KB 39ms
25ms Script
application/javascript 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5545f074e8bb7905a4d78b195b4963436ce7d222fd33c7b69902e2de5fbf8739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 07 Jan 2021 07:17:20 GMT
ETag: "7b73-5b84a3af87ef8-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 8782
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
blogs.akamai.com/js/ 85 KB
30 KB 255ms
241ms Script
application/javascript 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/js/jquery-3.3.1.min.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "1538f-5909ca9aeeb3e-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30307
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK amp.min.js Show response
blogs.akamai.com/js/amp/ 295 KB
73 KB 26ms
12ms Script
application/javascript 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/js/amp/amp.min.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edfc6dedf98d3024cc61633b2ee53ab4398e59ad287b132ecf6a41a0acb47d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "49d3c-5909ca9aefadf-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 73861
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ga-events-new.js Show response
blogs.akamai.com/ 3 KB
1 KB 34ms
20ms Script
application/javascript 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/ga-events-new.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

837b1df4e6afd164cddafe91e5801b3dfe5758c32418d1d5236d6c8a23eaf003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "cba-5909ca9a90f1d-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 787
X-Content-Type-Options: nosniff

GET
H2 200 what-we-do-overview.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 6 KB
7 KB 69ms
44ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-overview.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6180d8506896f5800407ba421b9e63913d81b7a1dd6469db0a0daf900fb2ac7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:58 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1d7f4-5b83d854d28f1"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427177
server-timing: cdn-cache; desc=MISS, edge; dur=-295, origin; dur=305
content-length: 6384
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:17:32 GMT

GET
H2 200 what-we-do-intelligent-platform.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 19 KB
20 KB 18ms
18ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-intelligent-platform.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2f627d5e57d146ed2f0c66e92d9d2d59c81fb26040aa0a3ff41d1e283e19bfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:15:45 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "4b459-5b83d854ca04c"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427047
server-timing: cdn-cache; desc=MISS, edge; dur=-165, origin; dur=169
content-length: 19700
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:15:22 GMT

GET
H2 200 what-we-do-threat-research.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 26 KB
27 KB 18ms
18ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-threat-research.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a96b7c61d78d60b6823b1661a1a53a76efde901485091e74ae37bc78524c25a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:58 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "e1258-5b83d854dcd0b"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426931
server-timing: cdn-cache; desc=MISS, edge; dur=-439, origin; dur=443
content-length: 27078
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:13:26 GMT

GET
H2 200 what-we-do-free-trials.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 8 KB
8 KB 22ms
21ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-free-trials.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3860e1517dfa0380194b5ef3378524ded0a189019690b9212760775720b9d3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "29b47-5b83d854d5781"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427054
server-timing: cdn-cache; desc=HIT, edge; dur=7
content-length: 7856
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:15:29 GMT

GET
H2 200 globe-background.png
www.akamai.com/us/en/multimedia/images/custom/2019/ 2 KB
2 KB 117ms
117ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/custom/2019/globe-background.png?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c6d54db2bc5801a921184a203965986aae0ab1357f2ee5dac73ffba4657a215e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "ed45-5b83d854f2ede"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427173
server-timing: cdn-cache; desc=HIT, edge; dur=103
content-length: 1788
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:17:28 GMT

GET
H2 200 threats-can-come-from-anywhere-nav-image.png
www.akamai.com/us/en/multimedia/images/navigation/ 28 KB
28 KB 25ms
25ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/threats-can-come-from-anywhere-nav-image.png?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

993017547fc57980403724962730adc92a9c501296dfc0f98d4bdabc5d0a2948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:53:52 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "c6be5-5b829e646278f"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2342879
server-timing: cdn-cache; desc=HIT, edge; dur=12
content-length: 28228
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:52:34 GMT

GET
H2 200 products-web-performance.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 6 KB
7 KB 18ms
17ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-web-performance.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ce97d60e54bb57677634ea2a8d8d89810f3f98e05f67ca1c628fbd4d9a686e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1d7f9-5b83d854c8cc0"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426926
server-timing: cdn-cache; desc=MISS, edge; dur=-119, origin; dur=123
content-length: 6454
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:13:21 GMT

GET
H2 200 products-media-delivery.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 8 KB
9 KB 22ms
22ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-media-delivery.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f43a43411ce6a34a967594fd01888847ecaa3f137ea58da20a57619454a14b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:58 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2af11-5b83d854bf068"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427014
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 8406
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:14:49 GMT

GET
H2 200 products-network-operator.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 8 KB
8 KB 21ms
21ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-network-operator.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cf27171500f059178ee707f4adf28e5c8901e691d6db9e0c692fdc3f17208b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:54:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1e340-5b829e6460c40"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2342865
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 7970
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:52:20 GMT

GET
H2 200 products-services.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 6 KB
6 KB 19ms
19ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-services.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3152a355d4cf68dd61ac9af8273818894286a4c739b9fab5cf18cecbc804efda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "20b48-5b83d854ce299"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427007
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 5832
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:14:42 GMT

GET
H2 200 products-developers.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
10 KB 27ms
26ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-developers.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

432fafb3e594b9f8284c634150dcbc472cb3d44f2d68d1751d73480671c7939e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:58 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2a716-5b83d854e67c4"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426961
server-timing: cdn-cache; desc=MISS, edge; dur=-261, origin; dur=272
content-length: 9668
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:13:56 GMT

GET
H2 200 resources-case-studies.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 15 KB
16 KB 30ms
30ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-case-studies.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

96c8809164851bdd379b2d0e61ef3df01d33bff486cceaa6d10640a9eec462c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:55:20 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "46797-5b829e64bd6b7"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2343008
server-timing: cdn-cache; desc=MISS, edge; dur=-155, origin; dur=168
content-length: 15826
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:54:43 GMT

GET
H2 200 resources-insights.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 22 KB
23 KB 42ms
41ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-insights.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

537b9efe5ce40de4b4b7e207e4aeaeb8950e8411f33e752fb32d161e4629e0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:53:51 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5808d-5b829e64bbfb2"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2343151
server-timing: cdn-cache; desc=HIT, edge; dur=24
content-length: 22702
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:57:06 GMT

GET
H2 200 resources-soti.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 19 KB
19 KB 39ms
39ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-soti.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7e47d9a459f7488bb2ffd7b843b82132d2aef171561da8752f26ed4005640bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:53:51 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "65bc8-5b829e64b1777"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2342950
server-timing: cdn-cache; desc=MISS, edge; dur=-356, origin; dur=376
content-length: 19114
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:53:45 GMT

GET
H2 200 resources-document-library.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
9 KB 63ms
58ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-document-library.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fa851db04e5a6105f684d10a33d2513740bea3d78a2186fd43fbab806eb138a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:58 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "27653-5b83d854d564a"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426954
server-timing: cdn-cache; desc=HIT, edge; dur=27
content-length: 9328
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:13:49 GMT

GET
H2 200 resources-cdn.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 24 KB
25 KB 110ms
106ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-cdn.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3c03a99ea1625cc1fb8b1be3ea3de4ca7e53b1518266ffd69eace0df05e66f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5745c-5b83d854d408f"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426961
server-timing: cdn-cache; desc=MISS, edge; dur=-219, origin; dur=300
content-length: 24898
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:13:56 GMT

GET
H2 200 resources-glossary.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 6 KB
6 KB 163ms
159ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-glossary.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ff9b7583ebfa8957c1a5c1a9aa5241023afb110a67a19783babac533875c429c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:59 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "15e1b-5b83d854c7d0b"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427050
server-timing: cdn-cache; desc=MISS, edge; dur=11, origin; dur=92
content-length: 6112
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:15:25 GMT

GET
H2 200 resources-documentation.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 8 KB
9 KB 147ms
144ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-documentation.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1354a82ea932dc089b9b1a3b0e4bc5aded51feed0f5f5a36f9a3312b9c492725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:53:52 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2788c-5b829e6451dee"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2342990
server-timing: cdn-cache; desc=HIT, edge; dur=85
content-length: 8536
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:54:25 GMT

GET
H2 200 resources-for-developers.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 14 KB
15 KB 126ms
123ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-for-developers.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b7758a03b83edf748790c586eb0ea39ce917f49e53371e27d98f65b267c5fa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:16:27 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "33d16-5b83d854c32dc"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2427104
server-timing: cdn-cache; desc=HIT, edge; dur=48
content-length: 14766
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:16:19 GMT

GET
H2 200 resources-community.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
10 KB 177ms
173ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-community.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1a24a40f89e43bf51b891268654284455bb48bdfec890539b1854e37c42a26c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:59 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "38645-5b83d854d94ac"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426969
server-timing: cdn-cache; desc=MISS, edge; dur=-220, origin; dur=300
content-length: 9550
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:14:05 GMT

GET
H2 200 products-security.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 5 KB
5 KB 146ms
143ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-security.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4b2e7f6dfcfdf500505a34c2eff3d9c129c40439d454b8e0f1889389544a5ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Jan 2021 16:57:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1ceb8-5b829e64b4a3c"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2343129
server-timing: cdn-cache; desc=HIT, edge; dur=36
content-length: 4908
x-content-type-options: nosniff
expires: Thu, 04 Feb 2021 16:56:44 GMT

GET
H2 200 contact-locations.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 31 KB
32 KB 163ms
160ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/contact-locations.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0883f880732798f564802c62ca5d4edd2a328261fbff6f48be75213cdf0fe94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:58 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5ae34-5b83d854e7f2e"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426983
server-timing: cdn-cache; desc=MISS, edge; dur=-243, origin; dur=280
content-length: 32086
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:14:19 GMT

GET
H2 200 contact-us-featured.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 12 KB
13 KB 169ms
166ms Image
image/webp 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/contact-us-featured.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c42bf56f9e8af42a880e5d09ca1a7302b32543fbe3230d3576e7f7270e670755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
referrer-policy: same-origin
last-modified: Wed, 06 Jan 2021 16:14:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2016f-5b83d854d9a4b"
strict-transport-security: max-age=31536000
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2426925
server-timing: cdn-cache; desc=HIT, edge; dur=27
content-length: 12558
x-content-type-options: nosniff
expires: Fri, 05 Feb 2021 16:13:21 GMT

GET
H/1.1 200
OK the-akamai-blog-hero-image.png
blogs.akamai.com/images/patterns/ 273 KB
273 KB 31ms
29ms Image
image/png 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/images/patterns/the-akamai-blog-hero-image.png?imwidth=1366

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9696ba2db9650cf65d236998665cb42afb1bc877ceadd6f88fb542f7725ad557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Referrer-Policy: same-origin
Last-Modified: Mon, 13 Jan 2020 12:33:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "4429f-59c04ae2fc39d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279199
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK userpic-379-100x100.png
blogs.akamai.com/mt-static/support/assets_c/userpics/ 25 KB
26 KB 13ms
11ms Image
image/png 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/mt-static/support/assets_c/userpics/userpic-379-100x100.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d97ba15ff527c6ebd5b3b0128e67f14e4b7a95f85f877ce91b7694ea5d67453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 15:33:06 GMT
X-Frame-Options: SAMEORIGIN
ETag: "6564-590a24a264e43"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25956
X-Content-Type-Options: nosniff

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 101ms
39ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 08 Jan 2021 14:04:35 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 cd9f1ea0-59ae-4aca-a474-1dc30ccae008.json Show response
cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/ 3 KB
2 KB 26ms
13ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/cd9f1ea0-59ae-4aca-a474-1dc30ccae008.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1295f4b9d54a8d20080a781d5bf87713e5159546f23722a1a078cb78221587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Jan 2021 14:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JKFdYySQFppAPOPrOnd2oA==
age: 4379
vary: Accept-Encoding
content-length: 1171
cf-request-id: 0783e94a1f00002c01a7938000000001
x-ms-lease-status: unlocked
last-modified: Wed, 16 Dec 2020 12:10:18 GMT
server: cloudflare
etag: 0x8D8A1BB8DBD1D0E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6555a437-301e-0033-08a4-d381cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 60e677f03a662c01-FRA

GET
H/1.1 200
OK screen3.css
blogs.akamai.com/mt-static/support/themes/akamai/ 856 KB
128 KB 562ms
561ms Stylesheet
text/css 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt-static/support/themes/akamai/screen3.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/styles-31.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b3b5a05e8b180cfb6d58884e4106df4c3e74c198e97f09c8d112a3645f265f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/styles-31.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:20 GMT
ETag: "d61b9-5909ca9b4a81f-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 130439
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK blogs_theme3_2.css
blogs.akamai.com/mt-static/support/themes/akamai/ 41 KB
8 KB 28ms
27ms Stylesheet
text/css 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/styles-31.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

68d7310e853e6676ab8a2cb0e5e815e7c514b6ea75ca1ba6674ccb0be6870bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/sitr/styles-31.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 06 Aug 2020 10:55:53 GMT
ETag: "a30f-5ac33550c5d33-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 7547
X-Content-Type-Options: nosniff

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 13ms
11ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Jan 2021 14:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 3986441
vary: Accept-Encoding
content-length: 79698
cf-request-id: 0783e94c8a00002c42f902a000000001
x-ms-lease-status: unlocked
last-modified: Mon, 23 Nov 2020 02:33:28 GMT
server: cloudflare
etag: 0x8D88F582961DDDE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f098869-501e-00cd-4b85-c1bdae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 60e677f408102c42-FRA
expires: Sat, 16 Jan 2021 14:04:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1974
date: Fri, 08 Jan 2021 13:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 08 Jan 2021 15:31:41 GMT

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 50ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba4b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: Apache
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 409 KB
83 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b742d531e3ebc345adcdcb7a82c664f6e414b795e4da3675338df5db0b8e78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84849
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jan 2021 14:04:35 GMT

GET
H2 200 akamai-logo.png
www.akamai.com/us/en/multimedia/images/logo/ 4 KB
4 KB 135ms
135ms Image
image/png 2a02:26f0:6c00:28a::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/logo/akamai-logo.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/screen3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3dbdbf1c436bc7ac645619e20285acf1b944a4670cb34062cd10538640932368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-check-cacheable: YES
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 4118
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 07 Dec 2020 10:59:52 GMT
server: Akamai Image Manager
etag: "3077-583411b9c0988"
x-serial: 1369
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=2148748
expires: Tue, 02 Feb 2021 10:57:04 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb86d56383ff7fa14b5260253935ce2c27f97945519ab5ff22fde97094926914

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK icomoon.woff
blogs.akamai.com/fonts/icomoon/ 115 KB
115 KB 474ms
473ms Font
application/font-woff 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/icomoon/icomoon.woff

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8073776d34872ade5733678679780ce4fdbe3f82fed48ce45da7bd19adc41c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1cbe8-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117736
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-r.woff2
blogs.akamai.com/fonts/ubuntu/ 29 KB
30 KB 477ms
475ms Font
text/plain 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-r.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30d2499e284c2f1815b834bfd6500bf5ad829cc9395490a4fbd9940378e9b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "7534-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30004
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-l.woff2
blogs.akamai.com/fonts/ubuntu/ 28 KB
28 KB 474ms
473ms Font
text/plain 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-l.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

10493c31cbfb05ee4bd0f22af083230ea95ea86e926b4518fa8dd84b2fa088a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "7018-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28696
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-m.woff2
blogs.akamai.com/fonts/ubuntu/ 29 KB
30 KB 471ms
470ms Font
text/plain 2a02:26f0:6c00:2a0::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-m.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

92db72d29e0b134689e612a6b14b56876d13046f8c85452dc84398fc4a4b5e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "74a0-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
X-Content-Type-Options: nosniff

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2053503272&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&ul=en-us&de=UTF-8&dt=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2074055853&gjid=346622250&cid=915203017.1610114676&tid=UA-34883906-1&_gid=1486958918.1610114676&_r=1&_slc=1&z=1638806754

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/79e79048-5d98-4078-9e1e-1feaa288d7f2/ 45 KB
12 KB 18ms
18ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/79e79048-5d98-4078-9e1e-1feaa288d7f2/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb0773eae0ab481465b8b2b8c24d244cda36cddac6fe98b43026e60b5eb3492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sdgP2BoIEW6OU/zLXlZ/Bw==
age: 4380
vary: Accept-Encoding
content-length: 12032
cf-request-id: 0783e94dd000002c01ab1d1000000001
x-ms-lease-status: unlocked
last-modified: Wed, 16 Dec 2020 12:10:20 GMT
server: cloudflare
etag: 0x8D8A1BB8F04090A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 52840ae6-201e-00eb-79a4-d3261a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 60e677f6183b2c01-FRA

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 105ms
34ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=30988
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
4 KB 13ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
age: 1159089
vary: Accept-Encoding
content-length: 3329
cf-request-id: 0783e94e2900002c016c0e5000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9419680f-d01e-0054-243c-db326c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 60e677f6a97e2c01-FRA
expires: Sat, 16 Jan 2021 14:04:36 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 45 KB
12 KB 20ms
20ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zNsRoM1FEmsEgJoYMCNTng==
age: 1220197
vary: Accept-Encoding
content-length: 11755
cf-request-id: 0783e94e2900002c01842f6000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
server: cloudflare
etag: 0x8D897352245C4EA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8d7e5762-501e-000a-33ae-dac16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 60e677f6a9802c01-FRA
expires: Sat, 16 Jan 2021 14:04:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34796267-1&cid=915203017.1610114676&jid=1265180223&gjid=1008029243&_gid=1486958918.1610114676&_u=aGDAgEABAAAAAG~&z=2055958043

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Jan 2021 14:04:36 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 86ms
28ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 59492
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1610114676.387526,VS0,VE0
x-served-by: cache-hhn11530-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 23ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=82130
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 125ms
59ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12179
x-xss-protection: 0
server: cafe
etag: 494165680877134304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 14:04:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 108ms
35ms Script
application/x-javascript 104.111.236.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 uDRtxOMd.min.js Show response
scripts.demandbase.com/ 71 KB
19 KB 246ms
65ms Script
application/javascript 52.85.115.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/uDRtxOMd.min.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-119.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87ef54c1884c1f9f172677be4a3893729ef2fa2e0440f84a6662947c5dc626ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: SNZe0KCnH8_rrl92wF2Kk2n16g.U_JFL
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 23:26:27 GMT
server: AmazonS3
age: 1389
etag: W/"19a0358302af3c924d1b9334dabe7152"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 45e951df17063864957163fe2b8687d3.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Fri, 08 Jan 2021 13:41:28 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: Yu0UMvj-LOyn8dgxM_CQOfXjT82EOBAgq4Y4XFXRUk8JJrtM8hTOUg==

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/www14/ptc/ 209 KB
38 KB 38ms
19ms Script
application/javascript 2a02:26f0:6c00:28a::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www14/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3b0dba5c94cbc089aba5b6adb107c4df4a2ba3d3554cbe913e965e618974dd7

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: zQzfWGGeRE6cmjOkbFYXoeW3zabZgxTx
content-encoding: br
last-modified: Fri, 08 Jan 2021 08:31:39 GMT
server: AmazonS3
x-amz-request-id: AD2604B839084D4F
etag: "58f57a6a66c69c90e7077b4505a40b44"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Fri, 08 Jan 2021 14:04:36 GMT
accept-ranges: bytes
content-length: 38311
x-amz-id-2: 9gZuDXBDppu96iu7NdqM96Cys1xmSt0emTjnB9loN7w8P3O8YZlGawUJCsGzH6iiSF3IB/5Ew7M=
expires: Fri, 08 Jan 2021 14:14:36 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 95ms
38ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

bfdefa732c4bcc15665b62ace0b55019d351cc525026d3476ae8002d0ddbdf43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11866
x-xss-protection: 0
server: cafe
etag: 13611461896829058943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 14:04:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: Kn2dQjdmgzZyNLVKGl3fSljuPINrN7uV0hxDjnx3Ioh+u7jsSmVr+zW4d6ru6cVFeS3cMvmH+39UsRCFTqPuag==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Jan 2021 14:04:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
7ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2053503272&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&dp=%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html%3F&ul=en-us&de=UTF-8&dt=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAC~&jid=1265180223&gjid=1008029243&cid=915203017.1610114676&tid=UA-34796267-1&_gid=1486958918.1610114676&gtm=2wgbu0MP7VKD&cd1=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd29=Not%20Known%20Bot&cd32=Not%20Known%20Bot&cd46=blogs-sitr&cd47=915203017.1610114676&cd64=SITR&cd66=&cd80=0.8344859713532005_1610114676302&z=1701362884

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 16:12:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78747
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dakamai.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=akamai.com&pId=2284970167819395167

4 B
485 B

418ms
287ms

Image
image/jpeg

52.85.115.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=akamai.com&pId=2284970167819395167
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-95.hel50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:37 GMT
Via: 1.1 6a3cc273c6d3056526b53421b6dd28ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C2
x-amzn-RequestId: 1b1a6ef1-d1e4-4a74-913f-28082bb4794f
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
X-Amzn-Trace-Id: Root=1-5ff86675-21d947db2cbe43e224b170c0;Sampled=0
Connection: keep-alive
x-amz-apigw-id: Y1TyUGBLIAMFwYw=
Content-Length: 4
X-Amz-Cf-Id: ARzKdXr8ECxUy-EHP6rYWA14QTmkgh8l7Z9plEl3OUNU6b8n7Et7Aw==

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 14:04:36 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid: 179709fe-805e-4b07-8a0c-78ea2d2da912
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=akamai.com&pId=2284970167819395167
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 41ms
19ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34796267-1&cid=915203017.1610114676&jid=1265180223&_u=aGDAgEABAAAAAG~&z=1470969890

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 40ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34796267-1&cid=915203017.1610114676&jid=1265180223&_u=aGDAgEABAAAAAG~&z=1470969890

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
681 B 232ms
188ms Image
application/javascript 2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1610114676489&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: k+jqfsRGWBZgHwxFfCsAAA==

GET
H2 200 1276761735802781 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1276761735802781?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae20274b295495503e4df81090332f759159e62e2d498dfea845b79b9011191b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: JqUiubObSMI4QnrDk7YoeC335UEejk7+oDOcrEyxoxLtZIblBGXXilfhiydlULzajMXWWv01x5btYdOFo8irwQ==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Jan 2021 14:04:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1947011696
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/ptc/ 57 KB
12 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29f69e95876c66e283bb1b262c4b6a138f38e1cf5ee38a3a87e2814df6aefa8c

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: p2yynId3tF0zkA4GBNiunKQ2FhLlxP39
content-encoding: br
last-modified: Tue, 01 Dec 2020 17:35:02 GMT
server: AmazonS3
x-amz-request-id: 600B196EA4FD6291
etag: "d9e63496ee53b0b3940b7514b47dc0ae"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Fri, 08 Jan 2021 14:04:36 GMT
accept-ranges: bytes
content-length: 12349
x-amz-id-2: xJCkKVGOwOGMoQ0M5MAqjlONtYqK+ZQFSpV1oG76fyFw2Vr3e6y9Z/9Q/KapKr4aL+0aoZAjjJQ=
expires: Fri, 08 Jan 2021 14:14:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 44ms
40ms Script
application/x-javascript 104.111.236.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sun, 18 Apr 2021 14:04:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/ 3 KB
1 KB 49ms
27ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1610114676529&cv=9&fst=1610114676529&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&tiba=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf298bc13f5a865ac21e9baf8ce6e1c82c7ef02c19a252dbe9e76ffa83bc2e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 61de1f77-a3be-4652-9627-2532fd049514
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/61de1f77-a3be-4652-9627-2532fd049514
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9e157b36a3e7e690fd16428b4903938918e49a9f46c34dcf01896b947ea537e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
BLOB 200
OK 0420c203-cf13-45e7-8a59-794d3d8c4d13
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/0420c203-cf13-45e7-8a59-794d3d8c4d13
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9e157b36a3e7e690fd16428b4903938918e49a9f46c34dcf01896b947ea537e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
H2 200 adsct
t.co/i/ 43 B
449 B 259ms
157ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nujvn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 08 Jan 2021 14:04:36 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d6495372ede78b2335b1938b4f5886ea
x-transaction: 005ef47a00588250
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/ 3 KB
2 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1610114676550&cv=9&fst=1610114676550&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&tiba=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b41d63f8c804c7102e689108b4d29676c6e7a5545ef68a655b50742528c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/pcc/ 161 KB
33 KB 15ms
12ms Script
application/javascript 2a02:26f0:6c00:28a::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/pcc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js?DeploymentConfigName=Release_20201014&Version=5
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e50a46a1fd4f05aa7429af42a6639e888493df71782bac4527295fb36ee9d75e

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: gWe98CXjh6Fu9fBX1PAJ3qn10x7mg7In
content-encoding: br
last-modified: Sun, 15 Nov 2020 10:52:55 GMT
server: AmazonS3
x-amz-request-id: 8658109FFDEDE0B3
etag: "ea5e94733297b4e201bebc38e232973b"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 08 Jan 2021 14:04:36 GMT
accept-ranges: bytes
content-length: 33854
x-amz-id-2: xV5byzr73Zi3lI5Y3DRBTiqV/WbYl3h1q1DxVwOZIW5DcLOq2kiLKbdvRCXXNbCBP0jKkm+7ezY=
expires: Sat, 08 Jan 2022 14:04:36 GMT

GET
H2 200 latest-WR110.js Show response
cdnssl.clicktale.net/www/ 55 KB
17 KB 12ms
9ms Script
application/javascript 2a02:26f0:6c00:28a::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00339eca686fe2c5885d4d1664a096bc303e614c2770ae844ef06a20dc470be3

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: W5pAX9_HIC6G7W2jwAGzqsm.zXcuGia2
content-encoding: br
last-modified: Wed, 06 Jan 2021 10:10:01 GMT
server: AmazonS3
x-amz-request-id: 642E50C64545AFD7
etag: "0bc29eb759ef6edf3179da92d61b3e8f"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
date: Fri, 08 Jan 2021 14:04:36 GMT
accept-ranges: bytes
content-length: 16670
x-amz-id-2: AF/07UAqHB/cyV4aDNJKkhtMNwlc9VxVqVNwOqffxpR+LJPH8GYTNNjtSDfLEh2jOCaQVsfcS8M=
expires: Sat, 09 Jan 2021 14:04:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 21ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1276761735802781&ev=PageView&dl=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&rl=&if=false&ts=1610114676633&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610114676631.636718340&it=1610114676498&coo=false&rqm=GET

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Jan 2021 14:04:36 GMT

GET
H/1.1 200
OK visitWebPage Show response
642-skn-449.mktoresp.com/webevents/ 2 B
311 B 586ms
125ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://642-skn-449.mktoresp.com/webevents/visitWebPage?_mchNc=1610114676638&_mchCn=&_mchId=642-SKN-449&_mchTk=_mch-akamai.com-1610114676638-92251&_mchWs=j1RQ&_mchHo=blogs.akamai.com&_mchPo=&_mchRu=%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 1417e181-68bb-4549-a6b2-6972f49597cf

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 429 B
936 B 156ms
87ms XHR
application/json 143.204.202.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&page_title=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&src=tag&key=c07e50e50d026064d820ab45cdd46518636e8993
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/uDRtxOMd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-20.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c23ebf2c0ec8e37a6a0a179720c9763bf4e1f0ed993fe7d0ad41d4d9774fe957

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: d2f3df3a-a380-41e4-a508-70132a821197
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blogs.akamai.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9gcSKVw6urpU35I2c-HqLvaA1KbS7yZoeB5li1Qgbmx_WFbjM3kWKA==
expires: Thu, 07 Jan 2021 14:04:36 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAHTOU6_8M0AAA_TzFgtVg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHTOU6_8M0AAA_TzFgtVg&verifyHash=9bc36138855c4f4fa1a1cae55eb283af196dc1ee

26 B
409 B

125ms
125ms

Image
image/gif

143.204.202.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHTOU6_8M0AAA_TzFgtVg&verifyHash=9bc36138855c4f4fa1a1cae55eb283af196dc1ee
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-127.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 14:04:37 GMT
Via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: d97a359aee8398ea
X-Amz-Cf-Id: BjZXypXTK0vT2lkNBBW57sTnCaFilHp-v9XnSI0XoFU5DRZPmGMwaw==

Redirect headers

Date: Fri, 08 Jan 2021 14:04:37 GMT
Via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAHTOU6_8M0AAA_TzFgtVg&verifyHash=9bc36138855c4f4fa1a1cae55eb283af196dc1ee
Connection: keep-alive
trace-id: 550b5479c94ba629
Content-Length: 0
X-Amz-Cf-Id: ysLoQMi13WDZbvGq4q3ijlzyrzEOWKh6ZvzD3yJwDmmDfGraXWSkbA==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 83ms
36ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:36 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/auth/ 240 B
390 B 400ms
133ms XHR
application/json 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/auth/?pid=25500&as=1&11630340&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: b39a9c8d84490ad79c67fe0ab3ba56f88d5ce04c3bcbb4cdf9327b66952bc137

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.akamai.com
date: Fri, 08 Jan 2021 14:04:37 GMT
access-control-allow-credentials: true
content-length: 240
content-type: application/json; charset=UTF-8

GET
H2 200 pageview
c.clicktale.net/ 43 B
416 B 151ms
49ms Image
image/gif 52.48.222.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageview?pid=4400&uu=373136fc-127f-a52d-9123-6749d2b42a45&sn=1&lv=1610114676&lhd=1610114676&hd=1610114676&pn=1&re=1&dw=1600&dh=2990&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&uc=1&la=en-US&cvars=%7B%221%22%3A%5B%22Content%20Tag%22%2C%22SITR%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-sitr%22%5D%7D&cvarp=%7B%221%22%3A%5B%22Content%20Tag%22%2C%22SITR%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-sitr%22%5D%7D&v=9.36.3&r=203108
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.222.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-222-54.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-powered-by: ContentSquare
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK bfd65d89-0e52-4a5d-b55e-153204adb6f3
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/bfd65d89-0e52-4a5d-b55e-153204adb6f3
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9e157b36a3e7e690fd16428b4903938918e49a9f46c34dcf01896b947ea537e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
H2 200 pageEvent
c.clicktale.net/ 43 B
415 B 145ms
83ms Image
image/gif 52.48.222.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageEvent?value=MIewdgZglg5gXAAgEoFMA2KCGBnFB9AJgAZiBGI0gFiAAA%3D%3D&isETR=false&v=9.36.3&pid=4400&uu=373136fc-127f-a52d-9123-6749d2b42a45&sn=1&pn=1&r=937570
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.222.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-222-54.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-powered-by: ContentSquare
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/849939417/ 42 B
66 B 82ms
66ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849939417/?random=1610114676550&cv=9&fst=1610114400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&tiba=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&async=1&fmt=3&is_vtc=1&random=2522680848&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/849939417/ 42 B
66 B 77ms
63ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849939417/?random=1610114676550&cv=9&fst=1610114400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&tiba=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&async=1&fmt=3&is_vtc=1&random=2522680848&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/849939417/ 42 B
530 B 73ms
56ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849939417/?random=1610114676529&cv=9&fst=1610114400000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&tiba=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&fmt=3&is_vtc=1&random=1831174734&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/849939417/ 42 B
530 B 71ms
57ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849939417/?random=1610114676529&cv=9&fst=1610114400000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&tiba=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&fmt=3&is_vtc=1&random=1831174734&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dvar
c.clicktale.net/ 43 B
415 B 101ms
50ms Image
image/gif 52.48.222.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=9.36.3&pid=4400&uu=373136fc-127f-a52d-9123-6749d2b42a45&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6ADgGYAWa8gVgE4B2ARkvsoCZjj6B9VgDZWxVq2pDmQysS4gAvkAAA%3D&r=473344
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.222.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-222-54.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:36 GMT
x-powered-by: ContentSquare
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2053503272&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&dp=%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html%3F&ul=en-us&de=UTF-8&dt=Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAiEABBAAAAG~&jid=&gjid=&cid=915203017.1610114676&tid=UA-34796267-1&_gid=1486958918.1610114676&gtm=2wgbu0MP7VKD&cd1=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd29=Not%20Known%20Bot&cd32=Not%20Known%20Bot&cd46=blogs-sitr&cd47=915203017.1610114676&cd64=SITR&cd66=&cd80=0.8344859713532005_1610114676302&cd4=Bot&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Switzerland&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=ZH&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=(Non-Company%20Visitor)&cd20=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&cd51=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&z=1103305697

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jan 2021 16:12:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78747
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WR1110b.js Show response
cdnssl.clicktale.net/www/ 114 KB
32 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/WR1110b.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97240c0c5c751cb8b7a0b8f4bc677295e76ad69ab7f056952e54315e19f3cb4c

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: uGNp6x0227nKI4sFT1hY4ZgMvm9GFufh
content-encoding: br
last-modified: Wed, 06 Jan 2021 10:10:01 GMT
server: AmazonS3
x-amz-request-id: B94BECA9D69B68F2
etag: "82cb2d08363bfb8ae53073d7f0e60de8"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 08 Jan 2021 14:04:37 GMT
accept-ranges: bytes
content-length: 32112
x-amz-id-2: QEEWisCOzV9dLsXocSyPR43I043D/7RTfhAiDWdQrgI5VV9jZ5jk9BTiqSxWxS1OqH+I7vHNPXA=
expires: Sat, 08 Jan 2022 14:04:37 GMT

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
101 B 365ms
121ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&0&0&0&264&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:37 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 38464532-a83b-43ff-beb7-2597a4ee044b
https://blogs.akamai.com/ 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/38464532-a83b-43ff-beb7-2597a4ee044b
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
H2 200 dvar
c.clicktale.net/ 43 B
415 B 49ms
49ms Image
image/gif 52.48.222.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=9.36.3&pid=4400&uu=373136fc-127f-a52d-9123-6749d2b42a45&sn=1&pn=1&dv=N4IgggQgsg%2BgIhGBJAdgMwPYCcC2BDAFwEsMUACAGQFMA3KgGxAC4QI8BnIgYxABpxo8RGACuAEyJUUXKs1YYCIAL5AAAA%3D%3D&r=026654
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.222.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-222-54.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:37 GMT
x-powered-by: ContentSquare
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-54527f043b9dd729/ 12 KB
2 KB 215ms
213ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-54527f043b9dd729/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec0ef12b22c4df7e2a0a9f7bc3eeb70daaf7e5358beac2865fb3c1d43457ca80

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:37 GMT
content-encoding: gzip
etag: 1540161347--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=59, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1586

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 129ms
126ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ff8667497ca1668&bkl=0&bl=1&pdt=148&sid=5ff8667497ca1668&pub=ra-54527f043b9dd729&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=blogs.akamai.com&fp=sitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1610114677398&jsl=8193&uvs=5ff86674dbeddd48000&skipb=1&callback=addthis.cbs.jsonp__26545783995863470
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65843d6d143121bb5d9263167d302b895a9a03052e32dea61a9faa93c8e0da6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:04:37 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8139 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B607 0
0 36ms
35ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 08 Jan 2021 14:04:37 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 224ms
151ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nujvn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Fri, 08 Jan 2021 14:04:37 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b1c7e615a830aacfe6277a3cbbca45a2
x-transaction: 00d314700082a132
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/135745/ 0
269 B 9ms
8ms Image
text/html 2a02:26f0:6c00::210:ba4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/135745/b?dE=11&cS=11&cE=24&rqS=24&rsS=135&rsE=140&sS=16&dl=139&di=1128&fp=996&dlS=1128&dlE=1128&dc=2356&leS=2357&leE=2383&to=&ol=0&cr=4&mt=&mb=&b=273&u=https%3A//blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36&pl=Linux%20x86_64&us=&gh=2.16.186.164&t=&rid=2cc95180&r=31714&akM=dscx&akN=ae&vc=14:17&bpcip=ag1z17ozci&akTX=1&akTI=2cc95180&ai=197727&pmgn=rumBlogsAkamaiCom&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba4b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 14:04:37 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Fri, 08 Jan 2021 14:04:37 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 32ms
32ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 08 Jan 2021 14:04:37 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 122ms
122ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&1&0&1&264&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:37 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 69ms
69ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 08 Jan 2021 14:04:37 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
333 B 218ms
216ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
last-modified: Fri, 08 Jan 2021 14:00:00 GMT
server: nginx/1.15.8
date: Fri, 08 Jan 2021 14:04:37 GMT
content-type: application/json
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
BLOB 200
OK abbe5fec-eb2f-42ff-a67c-864fe15a8819
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/abbe5fec-eb2f-42ff-a67c-864fe15a8819
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
BLOB 200
OK 0a4e673a-f5e8-449c-a2b7-5f335af53085
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/0a4e673a-f5e8-449c-a2b7-5f335af53085
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
BLOB 200
OK da6e0dca-b0c5-458a-82ab-a9b0318d2abf
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/da6e0dca-b0c5-458a-82ab-a9b0318d2abf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
BLOB 200
OK b0ec175f-c91a-4698-bd36-52f7d4758ade
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/b0ec175f-c91a-4698-bd36-52f7d4758ade
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 122ms
121ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&2&4&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:37 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 125ms
124ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&3&2&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:37 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 124ms
124ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&4&3&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:37 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 308ms
186ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&5&1&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:38 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1276761735802781&ev=Microdata&dl=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&rl=&if=false&ts=1610114678137&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ransom%20Demands%20Return%3A%20New%20DDoS%20Extortion%20Threats%20From%20Old%20Actors%20Targeting%20Finance%20and%20Retail%20-%20Akamai%20Security%20Intelligence%20and%20Threat%20Research%20Blog%22%2C%22meta%3Adescription%22%3A%22Update%2008%2F24%2F2020%20As%20mentioned%20below%2C%20the%20Akamai%20SIRT%20has%20been%20tracking%20attacks%20from%20the%20so-called%20Armada%20Collective%20and%20Fancy%20Bear%20actors%2C%20who%20are%20sending%20ransom%20letters%20to%20various%20industry%20verticals%20such%20as%20finance%2C%20travel%2C%20and%20e-commerce.%20In%20addition%20to%20the...%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.1.1610114676631.636718340&it=1610114676498&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 14:04:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Jan 2021 14:04:38 GMT

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 140ms
139ms XHR
text/plain 18.210.215.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3113685434532437&25500&11&6&0&2&264&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.215.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-215-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 08 Jan 2021 14:04:42 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

289 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blogs.akamai.com/	1970-01-19 15:15:16	Name: __atuvs Value: 5ff86674dbeddd48000
blogs.akamai.com/	1970-01-20 00:45:29	Name: __atuvc Value: 1%7C1
.akamai.com/	1970-01-20 00:00:50	Name: __CT_Data Value: gpv=1&ckp=tld&dm=akamai.com&apv_25500_www14=1&cpv_25500_www14=1&rpv_25500_www14=1
.akamai.com/	1970-01-19 15:58:26	Name: _CT_RS_ Value: Recording
blogs.akamai.com/	1970-01-19 15:58:26	Name: clientId Value: 915203017.1610114676
.akamai.com/	1970-01-19 15:15:16	Name: _cs_s Value: 1.1
.akamai.com/	1970-01-20 00:44:38	Name: _cs_id Value: 373136fc-127f-a52d-9123-6749d2b42a45.1610114676.1.1610114676.1610114676.1.1644278676667.Lax.0
.akamai.com/	1970-01-20 08:46:26	Name: _mkto_trk Value: id:642-SKN-449&token:_mch-akamai.com-1610114676638-92251
.akamai.com/	1970-01-19 17:24:50	Name: _fbp Value: fb.1.1610114676631.636718340
.akamai.com/	1970-01-20 00:00:50	Name: WRUID20200910 Value: 3113685434532437
.akamai.com/	1970-01-19 15:15:14	Name: _dc_gtm_UA-34796267-1 Value: 1
.akamai.com/	1970-01-19 15:15:16	Name: _cs_mk Value: 0.8344859713532005_1610114676302
.akamai.com/	1970-01-20 00:44:38	Name: _cs_c Value: 1
.akamai.com/	1970-01-19 17:24:50	Name: _gcl_au Value: 1.1.1011796919.1610114676
.akamai.com/	1970-01-19 15:15:14	Name: _gat Value: 1
.akamai.com/	1970-01-19 15:15:21	Name: ak_bmsc Value: DCEAB8CF61D8A9AB8CF741CB6762A5D50210BAA4EF5700007366F85FCEAB5932~plR/LvwDUaau0A0WqhrcOUxwikuyzZCi2Fh3UlhJZrT/Q380EGAoU9Z01c4owhMK0tp1LNz6RR5FDbU+NyaOMgFi4G6Lh1EttE2nAVHcyBpN+PFXWDkO5nn4UPS6nfR/JxADJadc5FGoiVjN5sCCEJ+kd24C+1w0pgnqWxokFJ5b3BxazA1rLGbrnnoqWHabvv+ptXX3B0bntnBMPYhkJQsTnpdudcGoc1oDQJrtpmsPQ=
.akamai.com/	1970-01-19 15:16:41	Name: _gid Value: GA1.2.1486958918.1610114676
.akamai.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%221%22%3A%5B%22Content%20Tag%22%2C%22SITR%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-sitr%22%5D%7D
.blogs.akamai.com/	1970-01-20 00:00:50	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Jan+08+2021+15%3A04%3A36+GMT%2B0100+(Central+European+Standard+Time)&version=6.10.0&hosts=&consentId=e0173249-ed27-4869-8ba3-2023ea9270c1&interactionCount=0&landingPath=https%3A%2F%2Fblogs.akamai.com%2Fsitr%2F2020%2F08%2Fransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1
.akamai.com/	1970-01-20 08:46:26	Name: _ga Value: GA1.2.915203017.1610114676

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html(Line 1356) Message: /sitr/
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 642-SKN-449 [object Object]
console-api	debug	(Line 1) Message: * ga found *
console-api	debug	(Line 1) Message: * client id tag fired *
console-api	debug	(Line 2) Message: * Client Id - 915203017.1610114676 is set to cookie *
console-api	debug	(Line 2) Message: * Client Id - 915203017.1610114676 is added to global var *
console-api	debug	(Line 1) Message: * ga found *
console-api	debug	(Line 1) Message: * client id tag fired *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

642-skn-449.mktoresp.com
analytics.twitter.com
api-public.addthis.com
api.company-target.com
attr.ml-api.io
blogs.akamai.com
c.clicktale.net
cdn.cookielaw.org
cdnssl.clicktale.net
connect.facebook.net
ds-aksb-a.akamaihd.net
googleads.g.doubleclick.net
id.rlcdn.com
ing-district.clicktale.net
m.addthis.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
s.ml-attr.com
s7.addthis.com
scripts.demandbase.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
v1.addthisedge.com
www.akamai.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
z.moatads.com
s7.addthis.com
104.111.236.192
104.244.42.195
104.244.42.5
104.75.88.112
143.204.202.127
143.204.202.20
18.210.215.148
185.33.221.50
192.28.144.124
199.232.136.157
2.18.235.40
216.58.205.226
2606:4700::6810:9540
2a00:1450:4001:801::200e
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9a
2a02:26f0:6c00:28a::2db0
2a02:26f0:6c00:28a::6a3
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2a0::2469
2a02:26f0:6c00::210:ba4b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
34.120.207.148
52.31.242.159
52.48.222.54
52.85.115.119
52.85.115.95
68.67.153.60
00339eca686fe2c5885d4d1664a096bc303e614c2770ae844ef06a20dc470be3
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0883f880732798f564802c62ca5d4edd2a328261fbff6f48be75213cdf0fe94b
0b742d531e3ebc345adcdcb7a82c664f6e414b795e4da3675338df5db0b8e78f
10493c31cbfb05ee4bd0f22af083230ea95ea86e926b4518fa8dd84b2fa088a3
106b41d63f8c804c7102e689108b4d29676c6e7a5545ef68a655b50742528c10
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1354a82ea932dc089b9b1a3b0e4bc5aded51feed0f5f5a36f9a3312b9c492725
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a24a40f89e43bf51b891268654284455bb48bdfec890539b1854e37c42a26c5
1f1295f4b9d54a8d20080a781d5bf87713e5159546f23722a1a078cb78221587
29f69e95876c66e283bb1b262c4b6a138f38e1cf5ee38a3a87e2814df6aefa8c
2f627d5e57d146ed2f0c66e92d9d2d59c81fb26040aa0a3ff41d1e283e19bfc2
30d2499e284c2f1815b834bfd6500bf5ad829cc9395490a4fbd9940378e9b61c
3152a355d4cf68dd61ac9af8273818894286a4c739b9fab5cf18cecbc804efda
3860e1517dfa0380194b5ef3378524ded0a189019690b9212760775720b9d3a6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c03a99ea1625cc1fb8b1be3ea3de4ca7e53b1518266ffd69eace0df05e66f85
3dbdbf1c436bc7ac645619e20285acf1b944a4670cb34062cd10538640932368
432fafb3e594b9f8284c634150dcbc472cb3d44f2d68d1751d73480671c7939e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae
4b2e7f6dfcfdf500505a34c2eff3d9c129c40439d454b8e0f1889389544a5ac2
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
537b9efe5ce40de4b4b7e207e4aeaeb8950e8411f33e752fb32d161e4629e0c3
5545f074e8bb7905a4d78b195b4963436ce7d222fd33c7b69902e2de5fbf8739
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59f402de9f1e432c10350864d4d9a3f348bea192abfd0785e40f7ab1c49006ed
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6180d8506896f5800407ba421b9e63913d81b7a1dd6469db0a0daf900fb2ac7a
65843d6d143121bb5d9263167d302b895a9a03052e32dea61a9faa93c8e0da6f
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1
68d7310e853e6676ab8a2cb0e5e815e7c514b6ea75ca1ba6674ccb0be6870bf2
6d97ba15ff527c6ebd5b3b0128e67f14e4b7a95f85f877ce91b7694ea5d67453
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7e47d9a459f7488bb2ffd7b843b82132d2aef171561da8752f26ed4005640bdf
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
8073776d34872ade5733678679780ce4fdbe3f82fed48ce45da7bd19adc41c25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837b1df4e6afd164cddafe91e5801b3dfe5758c32418d1d5236d6c8a23eaf003
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ef54c1884c1f9f172677be4a3893729ef2fa2e0440f84a6662947c5dc626ea
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
92db72d29e0b134689e612a6b14b56876d13046f8c85452dc84398fc4a4b5e1f
9696ba2db9650cf65d236998665cb42afb1bc877ceadd6f88fb542f7725ad557
96c8809164851bdd379b2d0e61ef3df01d33bff486cceaa6d10640a9eec462c5
97240c0c5c751cb8b7a0b8f4bc677295e76ad69ab7f056952e54315e19f3cb4c
993017547fc57980403724962730adc92a9c501296dfc0f98d4bdabc5d0a2948
9b8e4ce379725beb99115050b7339852a1281bdab67ef7bc271a4a48b46969a3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
a96b7c61d78d60b6823b1661a1a53a76efde901485091e74ae37bc78524c25a5
abb0773eae0ab481465b8b2b8c24d244cda36cddac6fe98b43026e60b5eb3492
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae20274b295495503e4df81090332f759159e62e2d498dfea845b79b9011191b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39a9c8d84490ad79c67fe0ab3ba56f88d5ce04c3bcbb4cdf9327b66952bc137
b3b0dba5c94cbc089aba5b6adb107c4df4a2ba3d3554cbe913e965e618974dd7
b3b5a05e8b180cfb6d58884e4106df4c3e74c198e97f09c8d112a3645f265f71
b7758a03b83edf748790c586eb0ea39ce917f49e53371e27d98f65b267c5fa2f
bfdefa732c4bcc15665b62ace0b55019d351cc525026d3476ae8002d0ddbdf43
c23ebf2c0ec8e37a6a0a179720c9763bf4e1f0ed993fe7d0ad41d4d9774fe957
c42bf56f9e8af42a880e5d09ca1a7302b32543fbe3230d3576e7f7270e670755
c6d54db2bc5801a921184a203965986aae0ab1357f2ee5dac73ffba4657a215e
ce97d60e54bb57677634ea2a8d8d89810f3f98e05f67ca1c628fbd4d9a686e65
cf27171500f059178ee707f4adf28e5c8901e691d6db9e0c692fdc3f17208b11
cf298bc13f5a865ac21e9baf8ce6e1c82c7ef02c19a252dbe9e76ffa83bc2e23
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dce60b65c3a2523cfe5906cf9486a9610b51f6ec3469be1097c90614f4a3a7ec
de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e50a46a1fd4f05aa7429af42a6639e888493df71782bac4527295fb36ee9d75e
e9e157b36a3e7e690fd16428b4903938918e49a9f46c34dcf01896b947ea537e
ec0ef12b22c4df7e2a0a9f7bc3eeb70daaf7e5358beac2865fb3c1d43457ca80
edfc6dedf98d3024cc61633b2ee53ab4398e59ad287b132ecf6a41a0acb47d68
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43a43411ce6a34a967594fd01888847ecaa3f137ea58da20a57619454a14b72
f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68
fa851db04e5a6105f684d10a33d2513740bea3d78a2186fd43fbab806eb138a2
fb86d56383ff7fa14b5260253935ce2c27f97945519ab5ff22fde97094926914
ff9b7583ebfa8957c1a5c1a9aa5241023afb110a67a19783babac533875c429c

blogs.akamai.com Open in urlscan Pro 2a02:26f0:6c00:2a0::2469 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

113 Requests

92 %HTTPS

45 %IPv6

29 Domains

36 Subdomains

31 IPs

6 Countries

1796 kBTransfer

5084 kBSize

20 Cookies

74 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blogs.akamai.com Open in urlscan Pro
2a02:26f0:6c00:2a0::2469 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

92 %
HTTPS

45 %
IPv6

29
Domains

36
Subdomains

31
IPs

6
Countries

1796 kB
Transfer

5084 kB
Size

20
Cookies

113 HTTP transactions
2 data transactions