blogs.akamai.com Open in urlscan Pro
2a02:26f0:6c00:297::2469 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Submission: On November 11 via api (November 11th 2020, 2:18:08 pm UTC) from US

Summary HTTP 113 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 28 domains to perform 113 HTTP transactions. The main IP is 2a02:26f0:6c00:297::2469, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is blogs.akamai.com.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on March 11th 2020. Valid for: a year.

This is the only time blogs.akamai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a02:26f0:6c0... 2a02:26f0:6c00:297::2469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a02:26f0:6c0... 2a02:26f0:6c00:29e::6a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.75.88.112 104.75.88.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:10c... 2a02:26f0:10c:582::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
2	104.111.241.218 104.111.241.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.194.11 13.224.194.11	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:f1:... 2a02:26f0:f1:287::2db0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.225.73.6 13.225.73.6	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.89.35 143.204.89.35	16509 (AMAZON-02) (AMAZON-02)
2 2	54.72.203.0 54.72.203.0	16509 (AMAZON-02) (AMAZON-02)
1 2	54.239.192.65 54.239.192.65	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4	34.203.160.148 34.203.160.148	14618 (AMAZON-AES) (AMAZON-AES)
4	52.212.245.14 52.212.245.14	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
113	30

20 2a02:26f0:6c00:297::2469 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

blogs.akamai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:6c00:29e::6a3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

www.akamai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.112 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba58 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.241.218 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-241-218.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:f1:287::2db0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-6.fra2.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.35 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-35.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.203.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.192.65 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-65.waw50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

642-skn-449.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.203.160.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-160-148.compute-1.amazonaws.com

ing-district.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.245.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-245-14.eu-west-1.compute.amazonaws.com

c.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	akamai.com blogs.akamai.com www.akamai.com	2 MB
13	clicktale.net cdnssl.clicktale.net ing-district.clicktale.net c.clicktale.net	156 KB
6	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	192 KB
6	cookielaw.org cdn.cookielaw.org	102 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google.de www.google.de	669 B
3	google.com www.google.com	259 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
2	facebook.com www.facebook.com	477 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	facebook.net connect.facebook.net	92 KB
2	marketo.net munchkin.marketo.net	7 KB
2	googleadservices.com www.googleadservices.com	23 KB
2	licdn.com snap.licdn.com	3 KB
2	akamaihd.net ds-aksb-a.akamaihd.net	5 KB
1	twitter.com analytics.twitter.com	651 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	mktoresp.com 642-skn-449.mktoresp.com	311 B
1	t.co t.co	448 B
1	ml-api.io attr.ml-api.io	484 B
1	ml-attr.com 1 redirects s.ml-attr.com	275 B
1	demandbase.com scripts.demandbase.com	18 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	82 KB
113	28

	Domain	Requested by
24	www.akamai.com	blogs.akamai.com
20	blogs.akamai.com	blogs.akamai.com
6	cdn.cookielaw.org	blogs.akamai.com cdn.cookielaw.org
5	cdnssl.clicktale.net	blogs.akamai.com cdnssl.clicktale.net
4	c.clicktale.net	blogs.akamai.com
4	ing-district.clicktale.net	cdnssl.clicktale.net
4	www.google-analytics.com	blogs.akamai.com www.google-analytics.com
4	s7.addthis.com	blogs.akamai.com s7.addthis.com
3	www.google.de	blogs.akamai.com
3	www.google.com	blogs.akamai.com
2	www.facebook.com	blogs.akamai.com
2	segments.company-target.com	1 redirects blogs.akamai.com
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	1 redirects blogs.akamai.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	secure.adnxs.com	2 redirects
2	connect.facebook.net	blogs.akamai.com connect.facebook.net
2	munchkin.marketo.net	blogs.akamai.com munchkin.marketo.net
2	www.googleadservices.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	ds-aksb-a.akamaihd.net	blogs.akamai.com
1	api-public.addthis.com	s7.addthis.com
1	analytics.twitter.com	static.ads-twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	642-skn-449.mktoresp.com	munchkin.marketo.net
1	api.company-target.com	scripts.demandbase.com
1	www.linkedin.com	1 redirects
1	t.co	blogs.akamai.com
1	attr.ml-api.io	blogs.akamai.com
1	s.ml-attr.com	1 redirects
1	scripts.demandbase.com	blogs.akamai.com
1	static.ads-twitter.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	blogs.akamai.com
113	36

This site contains links to these domains. Also see Links.

Domain
www.akamai.com
www.ir.akamai.com
developer.akamai.com
control.akamai.com
akamai.com
learn.akamai.com
community.akamai.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
blogs.akamai.com DigiCert Secure Site ECC CA-1	`2020-03-11` - `2021-06-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
www.akamai.com DigiCert Secure Site ECC CA-1	`2020-09-17` - `2021-09-17`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.ml-api.io Amazon	`2020-02-06` - `2021-03-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
c.clicktale.net Amazon	`2020-10-13` - `2021-11-12`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Frame ID: 4D29408F6FD5B92D4C587777F6A4D2D9
Requests: 113 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D6F0098D06AD09BA57FCB30376E58F72
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E790252C57F08273162531F5FC965FA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

113
Requests

94 %
HTTPS

48 %
IPv6

28
Domains

36
Subdomains

30
IPs

6
Countries

3033 kB
Transfer

6214 kB
Size

20
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://www.akamai.com/us/en/about/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/workplace-diversity.jsp
Title: Diversity

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/company-history.jsp
Title: Company History

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/locations.jsp
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/leadership/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/corporate-responsibility/
Title: Corporate Responsibility

Search URL Search Domain Scan URL

URL: http://www.ir.akamai.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/our-thinking/
Title: Our Thinking

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/partners/
Title: Our Partners

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us.jsp
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/cdn/
Title: CDN

Search URL Search Domain Scan URL

URL: https://developer.akamai.com/
Title: Developers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/akamai-free-trials.jsp
Title: Free Trials

Search URL Search Domain Scan URL

URL: https://control.akamai.com/
Title: Customer Login

Search URL Search Domain Scan URL

URL: https://akamai.com/
Title: Akamai.com

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/world-class-digital-experiences.jsp
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/intelligent-platform/
Title: Intelligent Edge Platform

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/what-we-do/threat-research.jsp
Title: Threat Research

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/security.jsp
Title: Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/performance/
Title: Web Performance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/media/ott-media-delivery.jsp
Title: Media Delivery

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/performance/devops.jsp
Title: DevOps

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/
Title: View All Solutions

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/financial-cdn-services.jsp
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/hotel-travel-cdn-services.jsp
Title: Hotel & Travel

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/media-entertainment-cdn-services.jsp
Title: Media & Entertainment

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/public-sector-cdn-services.jsp
Title: Public Sector

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/retail-consumer-cdn-services.jsp
Title: Retail & Consumer Goods

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/software-technology-cdn-services.jsp
Title: Software & Technology

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/solutions/industries/
Title: View All Solutions

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/performance/
Title: Web Performance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/media-delivery/
Title: Media Delivery

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/products/network-operator/
Title: Network Operator

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/services/
Title: Services

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/our-customers.jsp
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/visualizing-akamai/
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/information-security/
Title: Information Security

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/threat-advisories/
Title: Threat Advisories

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/for-cios/
Title: For CIOs

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/our-thinking/state-of-the-internet-report/
Title: State of the Internet Report

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/library.jsp
Title: Document Library

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/cdn-and-cloud-services-glossary.jsp
Title: Glossary

Search URL Search Domain Scan URL

URL: https://learn.akamai.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://community.akamai.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/resources/library.jsp
Title: FEATURED Our Library Search our library for helpful resources on topics you care about. Learn More

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/support/global-support-phone-numbers.jsp
Title: Global Support Phone Numbers

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/support/
Title: Support Resources

Search URL Search Domain Scan URL

URL: https://community.akamai.com/customers/s/support
Title: Support on Community

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/stop-ddos-attacks.jsp
Title: UNDER ATTACK Are You Under Attack? Contact the DDoS Attack Hotline for emergency DDoS protection. Act Now

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/
Title: CONTACT Get in touch Want to get in touch with us? There are multiple ways to contact an Akamai representative. Contact Now

Search URL Search Domain Scan URL

URL: http://www.akamai.com/PIM
Title: www.akamai.com/PIM

Search URL Search Domain Scan URL

URL: http://www.ir.akamai.com/phoenix.zhtml?c=75943&p=irol-irhome
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/compliance/
Title: Compliance

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/student-jobs-internships.jsp
Title: Students

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/careers/working-at-akamai.jsp
Title: Working at Akamai

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/media-resources.jsp
Title: Media Resources

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/news/press-contacts.jsp
Title: Press Contacts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AkamaiTechnologies/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/akamai-technologies
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Akamai
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/akamaitechnologies
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/about/compliance/data-protection-at-akamai.jsp
Title: TRUST CENTER

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/privacy-policies/
Title: Policy Details

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/
Title: www.akamai.com

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/privacy-policies/legal-notices.jsp
Title: EMEA Legal Notices

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/contact-us/contact-webmaster.jsp
Title: Webmaster

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.akamai.com/us/en/multimedia/documents/akamai/akamai-privacy-statement.pdf
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dakamai.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=akamai.com&pId=3891599883705258075

Request Chain 79

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605104269928&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62114%26time%3D1605104269928%26url%3Dhttps%253A%252F%252Fblogs.akamai.com%252F2020%252F11%252Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605104269928&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&liSync=true

Request Chain 81

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAKkP06_V-UAABCCjhwbVQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKkP06_V-UAABCCjhwbVQ&verifyHash=58a96b5172d90b1db8606f08ce3e975fc9b48981

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html Show response
blogs.akamai.com/2020/11/ 168 KB
26 KB 74ms
25ms Document
text/html 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

525b5a7120237b0bcb87b240291a2595c27ef575f7518db39af87c99f35b2fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: blogs.akamai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Tue, 10 Nov 2020 17:11:51 GMT
ETag: "29b63-5b3c3c6566756-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
X-Akamai-Transformed: 9 - 0 pmb=mRUM,1
Date: Wed, 11 Nov 2020 14:17:48 GMT
Content-Length: 25521
Connection: keep-alive
Set-Cookie: ak_bmsc=C5F85A9F6F776B92CAE38195FB5F28320210BAB5330900008CF2AB5F2311D969~plqD3Wg91B7t7XTCYGMsAw7XiD8RJ/1T37jJIfe8ef6N+8XvbhlCh9GOvXf/cvF9tL+sgREAhx+jEfjSOknB48wXGkbf6E5uvF2KHbh43Gws5IwnsdgA6R8/dZUAZ+aNyIDsT+IgojQzMJftdQQsk1LqzOuUjyZTfPhUewtbvGPjcI2jQg+8Vd4NwjeEk9OfemrKmVHkKV139ge6gVMGAIYbPpJcYxSIkxhRvSlBxnb44=; expires=Wed, 11 Nov 2020 16:17:48 GMT; max-age=7200; path=/; domain=.akamai.com; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 45ms
28ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lztHLkvcGPqUR1UL9im3jQ==
age: 946
status: 200
vary: Accept-Encoding
content-length: 4134
cf-request-id: 0659448ec40000dff3412d6000000001
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 02:21:18 GMT
server: cloudflare
etag: 0x8D8851F4EE6FEDB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bad31f88-e01e-0171-6616-b7ec8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f08a3913f57dff3-FRA

GET
H/1.1 200
OK styles-31.css
blogs.akamai.com/ 524 B
643 B 12ms
11ms Stylesheet
text/css 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/styles-31.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9b8e4ce379725beb99115050b7339852a1281bdab67ef7bc271a4a48b46969a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:48 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 19 Nov 2019 11:14:58 GMT
ETag: "20c-597b12cabea0e-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 201
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK mt.js Show response
blogs.akamai.com/ 31 KB
9 KB 35ms
21ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e885469ef21191a22f8ea11619a1fc57a1893d93bdabad6ef39e987967ed2c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 20:23:51 GMT
ETag: "7b73-5b3c674ff503a-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 8783
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
blogs.akamai.com/js/ 85 KB
30 KB 34ms
20ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/js/jquery-3.3.1.min.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "1538f-5909ca9aeeb3e-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30307
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK amp.min.js Show response
blogs.akamai.com/js/amp/ 295 KB
73 KB 26ms
13ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/js/amp/amp.min.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

edfc6dedf98d3024cc61633b2ee53ab4398e59ad287b132ecf6a41a0acb47d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:48 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "49d3c-5909ca9aefadf-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 73861
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ga-events-new.js Show response
blogs.akamai.com/ 3 KB
1 KB 29ms
16ms Script
application/javascript 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/ga-events-new.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

837b1df4e6afd164cddafe91e5801b3dfe5758c32418d1d5236d6c8a23eaf003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
ETag: "cba-5909ca9a90f1d-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 787
X-Content-Type-Options: nosniff

GET
H2 200 what-we-do-overview.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 11 KB
11 KB 65ms
45ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-overview.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9e03a63a27af3ed05eadbfdb9d7de4ccbfe24adadfa2c3390c70dc09bbd729fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=9
content-length: 11162
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:04 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1d7f4-5b3572c509db1"
x-serial: 86
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050168
expires: Sat, 05 Dec 2020 07:47:17 GMT

GET
H2 200 what-we-do-intelligent-platform.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 30 KB
30 KB 49ms
36ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-intelligent-platform.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

94b8297f3fb848f41fa988ebc575f65c4aa2e458f04dba48025287249bcba66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 30490
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "4b459-5b3572c406466"
x-serial: 291
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050124
expires: Sat, 05 Dec 2020 07:46:33 GMT

GET
H2 200 what-we-do-threat-research.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 31 KB
32 KB 49ms
48ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-threat-research.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

943bf13a74414d92ca5351ee76bb447f6d251b4de19a82f0160f2450de186402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=29
content-length: 32080
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "e1258-5b3572c47559d"
x-serial: 1148
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050196
expires: Sat, 05 Dec 2020 07:47:45 GMT

GET
H2 200 what-we-do-free-trials.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 20 KB
20 KB 50ms
50ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/what-we-do-free-trials.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b3d0954dce6e71682556b1c8ccaabb10adfb2ff8d6c1dd5c6a989660dcfa967b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=18
content-length: 20368
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "29b47-5b3572c413750"
x-serial: 1084
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050118
expires: Sat, 05 Dec 2020 07:46:27 GMT

GET
H2 200 globe-background.png
www.akamai.com/us/en/multimedia/images/custom/2019/ 2 KB
2 KB 72ms
63ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/custom/2019/globe-background.png?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c52b6154710730fad4aea6cfd15cfd7226a6301285655980feff5cca135bb8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=21
content-length: 1894
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:02 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "ed45-5b3572c476144"
x-serial: 858
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050154
expires: Sat, 05 Dec 2020 07:47:03 GMT

GET
H2 200 threats-can-come-from-anywhere-nav-image.png
www.akamai.com/us/en/multimedia/images/navigation/ 48 KB
49 KB 72ms
63ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/threats-can-come-from-anywhere-nav-image.png?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f8e55488b7aab65a10ccfaa3990a2915d64c722d9b8bf384cd346a04fc511a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=23
content-length: 49622
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "c6be5-5b3572c50f7a0"
x-serial: 105
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050242
expires: Sat, 05 Dec 2020 07:48:31 GMT

GET
H2 200 products-web-performance.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 13 KB
14 KB 114ms
105ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-web-performance.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b458ee55ed784747e997d444d829a353186fa44f5762afe54c626b9fcec8aef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:08 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1d7f9-5b3572c404906"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050140
server-timing: cdn-cache; desc=HIT, edge; dur=18
content-length: 13720
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:46:49 GMT

GET
H2 200 products-media-delivery.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 16 KB
16 KB 115ms
106ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-media-delivery.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2a7af71edf6d8f39d2c39679cf0ba2f52b10f72a82be4ea866e97590f7be850e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=25
content-length: 15996
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2af11-5b3572c4f5976"
x-serial: 1502
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050343
expires: Sat, 05 Dec 2020 07:50:12 GMT

GET
H2 200 products-network-operator.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 14 KB
14 KB 180ms
172ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-network-operator.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f32102e74e82fcae9c748b45d50ba0f5c112b60984f47db9eba4c1020770ef7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1e340-5b3572c50e01c"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050194
server-timing: cdn-cache; desc=HIT, edge; dur=27
content-length: 14294
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:47:43 GMT

GET
H2 200 products-services.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 8 KB
9 KB 211ms
203ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-services.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4ea2958d7ec4ed3e4e29d5398463fd4196e128795eb99b467cd548aff6495b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "20b48-5b3572c505765"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050275
server-timing: cdn-cache; desc=HIT, edge; dur=39
content-length: 8694
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:49:04 GMT

GET
H2 200 products-developers.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 15 KB
16 KB 242ms
234ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-developers.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

725a6e06c6c4db64af816ee1d9f6a82d1d5c99439c2ffe3cd1a58413c736946a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2a716-5b3572c506ed6"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050054
server-timing: cdn-cache; desc=HIT, edge; dur=33
content-length: 15656
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:45:23 GMT

GET
H2 200 resources-case-studies.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 27 KB
28 KB 243ms
235ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-case-studies.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d0b69006ced59bc683ec91dfa4c2647931b7f9e2fb0b28fb4aad32b3eb56747b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:11 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "46797-5b3572c5043df"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050269
server-timing: cdn-cache; desc=HIT, edge; dur=31
content-length: 27968
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:48:58 GMT

GET
H2 200 resources-insights.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 34 KB
35 KB 279ms
271ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-insights.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fbd7dc11673944c030c85b314432593439647c0c602eee37dee363c2644465e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=38
content-length: 34916
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5808d-5b3572c502c7b"
x-serial: 154
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2049984
expires: Sat, 05 Dec 2020 07:44:13 GMT

GET
H2 200 resources-soti.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 29 KB
29 KB 319ms
312ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-soti.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e4f900e261a4e95471b85d1b1a97e796c1de085fe6e3db2bd7bb7b3b5bb1e507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=41
content-length: 29280
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "65bc8-5b3572c4f6d1a"
x-serial: 3
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050097
expires: Sat, 05 Dec 2020 07:46:06 GMT

GET
H2 200 resources-document-library.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 16 KB
16 KB 359ms
351ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-document-library.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d327bc6cab8bbd2cc9cb1190c836e414b1c13ba03fd05c1f7e4adca28af12968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=42
content-length: 16306
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:11 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "27653-5b3572c4f45f5"
x-serial: 937
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050119
expires: Sat, 05 Dec 2020 07:46:28 GMT

GET
H2 200 resources-cdn.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 38 KB
38 KB 410ms
403ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-cdn.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9b28e38e151bcfc7e99f314fb6208cdf4dccb19532794a087fd06d08e8ad9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=53
content-length: 38412
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:11 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5745c-5b3572c50b534"
x-serial: 1255
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050175
expires: Sat, 05 Dec 2020 07:47:24 GMT

GET
H2 200 resources-glossary.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
9 KB 448ms
441ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-glossary.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1f08a0ffef73b63bbb91e8205a1d4560cc8ee214855558336f9d0473a20da26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "15e1b-5b3572c403196"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050328
server-timing: cdn-cache; desc=HIT, edge; dur=41
content-length: 8870
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:49:57 GMT

GET
H2 200 resources-documentation.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 9 KB
10 KB 529ms
523ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-documentation.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a9dc975308ae1e0ba49e3cf0cc63c99f9e13a130898abc11746b7e1a4e749471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2788c-5b3572c4fceba"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050220
server-timing: cdn-cache; desc=HIT, edge; dur=47
content-length: 9650
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:48:09 GMT

GET
H2 200 resources-for-developers.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 19 KB
19 KB 529ms
523ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-for-developers.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

19219f72fd4543cecc1d8b29990dbad3d015c4d0e380c9dce85a3302d456ce1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=37
content-length: 19460
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "33d16-5b3572c4f9419"
x-serial: 458
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050217
expires: Sat, 05 Dec 2020 07:48:06 GMT

GET
H2 200 resources-community.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 23 KB
23 KB 577ms
571ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/resources-community.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f8b2738e130b776517f2ea440e738df920492b1445191f068bcec61511e9d5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=48
content-length: 23374
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "38645-5b3572c45e660"
x-serial: 1329
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050293
expires: Sat, 05 Dec 2020 07:49:22 GMT

GET
H2 200 products-security.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 11 KB
12 KB 671ms
665ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/products-security.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

42004773101c4797209f723da0d0bc72d504a0a5cc0c8ec05211a10c58ac0191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=51
content-length: 11438
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "1ceb8-5b3572c4fa797"
x-serial: 1879
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050269
expires: Sat, 05 Dec 2020 07:48:58 GMT

GET
H2 200 contact-locations.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 62 KB
62 KB 671ms
666ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/contact-locations.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

74947c105fbe072189e449936e31c01048e8d20ea4137098eff1b1fdc09ec3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:09 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "5ae34-5b3572c46c509"
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=2050109
server-timing: cdn-cache; desc=HIT, edge; dur=44
content-length: 62998
x-content-type-options: nosniff
expires: Sat, 05 Dec 2020 07:46:18 GMT

GET
H2 200 contact-us-featured.jpg
www.akamai.com/us/en/multimedia/images/navigation/ 22 KB
22 KB 718ms
712ms Image
image/webp 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/navigation/contact-us-featured.jpg?imwidth=320

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3dbb8c3acfe4fbeb258194c9f772218f7d4b825c0a7c96650dffe47f81495b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=47
content-length: 22412
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 05 Nov 2020 07:41:10 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "2016f-5b3572c472e7b"
x-serial: 1331
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2050133
expires: Sat, 05 Dec 2020 07:46:42 GMT

GET
H/1.1 200
OK the-akamai-blog-hero-image.png
blogs.akamai.com/images/patterns/ 273 KB
273 KB 24ms
19ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/images/patterns/the-akamai-blog-hero-image.png?imwidth=1366

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9696ba2db9650cf65d236998665cb42afb1bc877ceadd6f88fb542f7725ad557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Mon, 13 Jan 2020 12:33:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "4429f-59c04ae2fc39d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279199
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK userpic-781-100x100.png
blogs.akamai.com/mt-static/support/assets_c/userpics/ 16 KB
17 KB 21ms
16ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/mt-static/support/assets_c/userpics/userpic-781-100x100.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3b22ee26f24258ced44341fca66e9e8dc7037cc531ce7229d0eb70a78b7e7113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Mon, 09 Nov 2020 19:35:39 GMT
X-Frame-Options: SAMEORIGIN
ETag: "4120-5b3b1aac8082a"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16672
X-Content-Type-Options: nosniff

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 80ms
27ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Wed, 11 Nov 2020 14:17:49 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK WebSocketsBlog1v3_11.10-thumb-700xauto-11484.png
blogs.akamai.com/assets_c/2020/11/ 135 KB
135 KB 94ms
90ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog1v3_11.10-thumb-700xauto-11484.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

375b990e5422e1ba8307db7b5c67975b2e3667b0b1bdc9469345cfb6b2a963ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:06:08 GMT
X-Frame-Options: SAMEORIGIN
ETag: "21c45-5b3c2db50ce31"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138309
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog2v3_11.10-thumb-autox825-11486.png
blogs.akamai.com/assets_c/2020/11/ 204 KB
205 KB 104ms
100ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog2v3_11.10-thumb-autox825-11486.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

84f32e9d2bc90eba7d310965d6c3e53837e2a8681c2fc3aa710b474a8e4a7046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:51:55 GMT
X-Frame-Options: SAMEORIGIN
ETag: "331b6-5b3c37f118be0"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 209334
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog3v3_11.10-thumb-700xauto-11488.png
blogs.akamai.com/assets_c/2020/11/ 62 KB
63 KB 82ms
78ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog3v3_11.10-thumb-700xauto-11488.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1e2942cee7c1918b78c99fef5e4e14353452aa940a2340e378473392bc1508dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:53:34 GMT
X-Frame-Options: SAMEORIGIN
ETag: "f8f1-5b3c384f4ceec"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63729
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog4v3_11.10-thumb-autox1024-11490.png
blogs.akamai.com/assets_c/2020/11/ 383 KB
383 KB 83ms
69ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog4v3_11.10-thumb-autox1024-11490.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

bb26b55b6ad213db632a6a4cde85e187746648f0feef6e2eaaed82ee5ec111e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:54:35 GMT
X-Frame-Options: SAMEORIGIN
ETag: "5fa4d-5b3c388a3ccf7"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 391757
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog5v2_11.10-thumb-700xauto-11492.png
blogs.akamai.com/assets_c/2020/11/ 93 KB
94 KB 60ms
59ms Image
image/png 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog5v2_11.10-thumb-700xauto-11492.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

da19a0ad5bc11f470b286a87017889c2a95e351bf5ad91327c07f488ff958a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 16:55:28 GMT
X-Frame-Options: SAMEORIGIN
ETag: "175e0-5b3c38bc61b6b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95712
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebSocketsBlog6_11.10-thumb-700x799-11480.gif
blogs.akamai.com/assets_c/2020/11/ 153 KB
153 KB 61ms
60ms Image
image/gif 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.akamai.com/assets_c/2020/11/WebSocketsBlog6_11.10-thumb-700x799-11480.gif

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

533a3c28a3967a637a86822731f6ae063c9adc4210de1ce3a8aefd9961577cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Tue, 10 Nov 2020 15:07:15 GMT
X-Frame-Options: SAMEORIGIN
ETag: "263ed-5b3c208c3f936"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156653
X-Content-Type-Options: nosniff

GET
H2 200 cd9f1ea0-59ae-4aca-a474-1dc30ccae008.json Show response
cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/ 2 KB
2 KB 32ms
16ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/cd9f1ea0-59ae-4aca-a474-1dc30ccae008.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0dea7631b5f30523b0e56256fb2b7d9b6dd02d4bc98556de875d6e53637802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sk2tZCa9uS3ylpSlPJ5gNg==
age: 1294
status: 200
vary: Accept-Encoding
content-length: 1113
cf-request-id: 0659448efb0000d6c1679bf000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Sep 2020 18:46:56 GMT
server: cloudflare
etag: 0x8D85039BBA2152E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c821ccf5-001e-00fc-77d0-b4e679000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f08a3918d55d6c1-FRA

GET
H/1.1 200
OK screen3.css
blogs.akamai.com/mt-static/support/themes/akamai/ 856 KB
128 KB 19ms
18ms Stylesheet
text/css 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt-static/support/themes/akamai/screen3.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/styles-31.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b3b5a05e8b180cfb6d58884e4106df4c3e74c198e97f09c8d112a3645f265f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/styles-31.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:20 GMT
ETag: "d61b9-5909ca9b4a81f-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 130439
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK blogs_theme3_2.css
blogs.akamai.com/mt-static/support/themes/akamai/ 41 KB
8 KB 17ms
16ms Stylesheet
text/css 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/styles-31.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

68d7310e853e6676ab8a2cb0e5e815e7c514b6ea75ca1ba6674ccb0be6870bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.akamai.com/styles-31.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 06 Aug 2020 10:55:53 GMT
ETag: "a30f-5ac33550c5d33-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 7547
X-Content-Type-Options: nosniff

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 19ms
15ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 274411
status: 200
vary: Accept-Encoding
content-length: 69711
cf-request-id: 0659448f4f0000dff3862a6000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2475bc65-c01e-0004-31b6-b52d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f08a39218fadff3-FRA
expires: Thu, 19 Nov 2020 14:17:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3721
date: Wed, 11 Nov 2020 13:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 11 Nov 2020 15:15:48 GMT

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 9ms
6ms Script
application/x-javascript 2a02:26f0:6c00::210:ba58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba58 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: Apache
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 408 KB
82 KB 22ms
19ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

112c17a4ac183b69fb78e930c74bd1fb71300897dcae47977e49399e053bb09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83667
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Nov 2020 14:17:49 GMT

GET
H2 200 akamai-logo.png
www.akamai.com/us/en/multimedia/images/logo/ 4 KB
4 KB 772ms
769ms Image
image/png 2a02:26f0:6c00:29e::6a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.akamai.com/us/en/multimedia/images/logo/akamai-logo.png

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/screen3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29e::6a3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3dbdbf1c436bc7ac645619e20285acf1b944a4670cb34062cd10538640932368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
referrer-policy: same-origin
last-modified: Thu, 19 Mar 2020 17:25:18 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
etag: "3077-58340f2ca4ca0"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: private, no-transform, max-age=789038
server-timing: cdn-cache; desc=HIT, edge; dur=31
content-length: 4118
x-content-type-options: nosniff
expires: Fri, 20 Nov 2020 17:28:27 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb86d56383ff7fa14b5260253935ce2c27f97945519ab5ff22fde97094926914

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK icomoon.woff
blogs.akamai.com/fonts/icomoon/ 115 KB
115 KB 435ms
371ms Font
application/font-woff 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/icomoon/icomoon.woff

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

8073776d34872ade5733678679780ce4fdbe3f82fed48ce45da7bd19adc41c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "1cbe8-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
Content-Type: application/font-woff
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117736
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-r.woff2
blogs.akamai.com/fonts/ubuntu/ 29 KB
30 KB 465ms
394ms Font
text/plain 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-r.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

30d2499e284c2f1815b834bfd6500bf5ad829cc9395490a4fbd9940378e9b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "7534-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30004
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-l.woff2
blogs.akamai.com/fonts/ubuntu/ 28 KB
28 KB 482ms
398ms Font
text/plain 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-l.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

10493c31cbfb05ee4bd0f22af083230ea95ea86e926b4518fa8dd84b2fa088a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "7018-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28696
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ubuntu-m.woff2
blogs.akamai.com/fonts/ubuntu/ 29 KB
30 KB 453ms
369ms Font
text/plain 2a02:26f0:6c00:297::2469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.akamai.com/fonts/ubuntu/ubuntu-m.woff2

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:297::2469 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

92db72d29e0b134689e612a6b14b56876d13046f8c85452dc84398fc4a4b5e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://blogs.akamai.com
Referer: https://blogs.akamai.com/mt-static/support/themes/akamai/blogs_theme3_2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Referrer-Policy: same-origin
Last-Modified: Wed, 21 Aug 2019 08:50:19 GMT
X-Frame-Options: SAMEORIGIN
ETag: "74a0-5909ca9a8c0fb"
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
X-Content-Type-Options: nosniff

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1157969756&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&ul=en-us&de=UTF-8&dt=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1480807808&gjid=193165357&cid=946794791.1605104269&tid=UA-34883906-1&_gid=1396379063.1605104269&_r=1&_slc=1&z=2032031089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/79e79048-5d98-4078-9e1e-1feaa288d7f2/ 50 KB
12 KB 14ms
14ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cd9f1ea0-59ae-4aca-a474-1dc30ccae008/79e79048-5d98-4078-9e1e-1feaa288d7f2/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea7c7f59e99dfc7785f9ffefd329d64023dd97b9b27c1c12835fada874279a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ELdXJ3HgbAQ02zTbDiNNQw==
age: 2705
status: 200
vary: Accept-Encoding
content-length: 12498
cf-request-id: 06594490af0000d6c155a80000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Sep 2020 18:43:34 GMT
server: cloudflare
etag: 0x8D85039432A043B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 60e9651c-501e-00ab-3ea1-b10ff4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f08a3944c74d6c1-FRA

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 102ms
32ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=39909
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 17ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 542647
status: 200
vary: Accept-Encoding
content-length: 3248
cf-request-id: 06594491370000d6c165109000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c7a978a4-501e-00c6-7245-b3a5da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f08a3952e58d6c1-FRA
expires: Thu, 19 Nov 2020 14:17:49 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/ 42 KB
11 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e767ae101e0f675e800b3c78bcce8b95658524a3b1df6d9d3f1931f41e31f09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8O+MrA5l6uZAF8rA//NRFA==
age: 723284
status: 200
vary: Accept-Encoding
content-length: 11144
cf-request-id: 06594491380000d6c142b81000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:19 GMT
server: cloudflare
etag: 0x8D84A3B56BE267C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9482acc7-601e-016b-63a1-b1c3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f08a3952e5bd6c1-FRA
expires: Thu, 19 Nov 2020 14:17:49 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34796267-1&cid=946794791.1605104269&jid=690932486&gjid=1192020710&_gid=1396379063.1605104269&_u=aGDAgEABAAAAAG~&z=1831191045

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Nov 2020 14:17:49 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 78ms
25ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
age: 60309
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4049-HHN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1605104270.830870,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 30ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=26984
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 89ms
33ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

cd0b93e601f0c6879b03f1cf419a72c592d57a4902f4a2ad4fd442ca964a62b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11477
x-xss-protection: 0
server: cafe
etag: 4463296694571982414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 14:17:49 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 94ms
30ms Script
application/x-javascript 104.111.241.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 uDRtxOMd.min.js Show response
scripts.demandbase.com/ 70 KB
18 KB 122ms
33ms Script
application/javascript 13.224.194.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/uDRtxOMd.min.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-11.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d69daccb0fc6797291cf45920cd24cc6876a52ed13a6ae5d76fc598d86c16619

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 65JtMpjs2W5KLjvnd_sFTS3SzQ796Zou
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 14:09:56 GMT
server: AmazonS3
age: 1943
etag: "0dd3a3e96500a8f7554b4576b4d34edb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
date: Wed, 11 Nov 2020 13:46:22 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rX6KztQLH97GNKNz8Z_z-P00qs6vhxt6tsR7to8dFGs7g_b6k-M86A==
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/www14/ptc/ 203 KB
45 KB 28ms
7ms Script
application/javascript 2a02:26f0:f1:287::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www14/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:287::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780ea58d20d64c191392bd73c0aa82de2f2d1164da02e3f50bfc8b1587688d01

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IB7MOU7lQ0DxSADLMJsGoOW44Uj9a_Qa
content-encoding: gzip
etag: "40f7ad7e993c41d3483316c56ff5dc5f"
x-amz-request-id: 69CFA42CAE1A2A4B
status: 200
content-length: 45165
x-amz-id-2: xWFzI+YWEa/jG2bj5m6qTJtBeUaiFy2Aj7WUnqgyqudeBzBBwPfy/dE+jNPukYwzMkbL22+mjlU=
last-modified: Tue, 10 Nov 2020 09:11:40 GMT
server: AmazonS3
date: Wed, 11 Nov 2020 14:17:49 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 11 Nov 2020 14:27:49 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 88ms
41ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP7VKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

823cb0a78f40ffe964057ee45ec80564b9a9f38b1d1c01c70e5ed2d543937f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11441
x-xss-protection: 0
server: cafe
etag: 10308385200965969067
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 14:17:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: ltbW0/z/qdwhyIfoG2yKamhWdTuEHxVf2VwuoCDIAWHvvQCrvFl0+uEQ7NorQL81QgAnP+EElTIoVhdNn5ENHQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 11 Nov 2020 14:17:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 8ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1157969756&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&dp=%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html%3F&ul=en-us&de=UTF-8&dt=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAC~&jid=690932486&gjid=1192020710&cid=946794791.1605104269&tid=UA-34796267-1&_gid=1396379063.1605104269&gtm=2wgas1MP7VKD&cd1=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd29=Not%20Known%20Bot&cd32=Not%20Known%20Bot&cd46=blogs-us&cd47=946794791.1605104269&cd64=Cloud%20Security%2CRetail%20%26%20Commerce&cd66=&cd80=0.22868847951761762_1605104269733&z=558640880

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 09:23:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17634
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dakamai.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dakamai.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=akamai.com&pId=3891599883705258075

4 B
484 B

449ms
372ms

Image
image/jpeg

13.225.73.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=akamai.com&pId=3891599883705258075
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-6.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:50 GMT
Via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
x-amzn-RequestId: 61d6acd0-97bb-42b8-8804-4638a89278b4
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
X-Amzn-Trace-Id: Root=1-5fabf28e-7c0432502163b196713061e6;Sampled=0
Connection: keep-alive
x-amz-apigw-id: V2LWTFJbIAMFU-w=
Content-Length: 4
X-Amz-Cf-Id: F-rf6Qog7zW6igTO6j1OnAtry0xi7UeqzeghAkgCffTIJoKu1miLDg==

Redirect headers

Pragma: no-cache
Date: Wed, 11 Nov 2020 14:17:50 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid: b4b09467-1215-4d04-a6e6-d196d7bc7fb1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=akamai.com&pId=3891599883705258075
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 31ms
30ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34796267-1&cid=946794791.1605104269&jid=690932486&_u=aGDAgEABAAAAAG~&z=10165077

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 32ms
32ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34796267-1&cid=946794791.1605104269&jid=690932486&_u=aGDAgEABAAAAAG~&z=10165077

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1276761735802781 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1276761735802781?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f88b2a24f841bdebc7b73ec1e58f2b4899fec6c11375601e350033946d7d583f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69759
x-xss-protection: 0
pragma: public
x-fb-debug: SVx70zn957yASxZ6nCw84DbyLGXywufC5+cqYA3dFeMI6f2GGvbqBKQ7cxKj2kbt3J6aYqSZOwMvcn5VB88TMQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 11 Nov 2020 14:17:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=48632
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/ptc/ 57 KB
14 KB 8ms
8ms Script
application/javascript 2a02:26f0:f1:287::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www14/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:287::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29f69e95876c66e283bb1b262c4b6a138f38e1cf5ee38a3a87e2814df6aefa8c

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 9hQDO8sHW7BRvKkGR67xT22JyL9gsSWi
content-encoding: gzip
etag: "0aa215c5963b53ef3f0a06cdcb5fa668"
x-amz-request-id: C8F1A2E750BC9728
status: 200
content-length: 14326
x-amz-id-2: z0KaiMzDhncCa2k4eottlqrG72tqvVaW3QmlDgVsye7wJuWRSVrt038hTn96HHnpRRoYtu5FnUc=
last-modified: Fri, 30 Oct 2020 15:10:24 GMT
server: AmazonS3
date: Wed, 11 Nov 2020 14:17:49 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 11 Nov 2020 14:27:49 GMT

GET
BLOB 200
OK d7ce5bba-af38-43a8-87ba-3c61094ed511
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/d7ce5bba-af38-43a8-87ba-3c61094ed511
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6342
Content-Type: application/javascript

GET
BLOB 200
OK fa25335a-6827-465f-bb38-b95189a11979
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/fa25335a-6827-465f-bb38-b95189a11979
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6342
Content-Type: application/javascript

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/ 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1605104269916&cv=9&fst=1605104269916&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58ccd1f27ccd00a7f5ab181319c4b09678ae4b7bdac118a60760e09dc49c2119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 33ms
32ms Script
application/x-javascript 104.111.241.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Fri, 19 Feb 2021 14:17:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849939417/?random=1605104269920&cv=9&fst=1605104269920&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

138d8daa9df59c0b8ed55534c8e15f31c3c7026597ceb7e945efe2e2e3415d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 205ms
144ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nujvn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Wed, 11 Nov 2020 14:17:50 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7edc956c5abc70265fdff8b36aa272e0
x-transaction: 000694d30017e510
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605104269928&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensi...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62114%26time%3D1605104269928%26url%3Dhttps%253A%252F%252Fblogs.akamai.com%252F202...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605104269928&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensi...

0
273 B

182ms
182ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605104269928&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&liSync=true
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:50 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: ymzzZtR5RhZwWseWIisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: wYpqX9R5RhZgg+NG3CoAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 5050AD3CFA5640C18129E7A36E13D441 Ref B: FRAEDGE1315 Ref C: 2020-11-11T14:17:50Z
x-frame-options: sameorigin
date: Wed, 11 Nov 2020 14:17:50 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62114&time=1605104269928&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 429 B
938 B 150ms
84ms XHR
application/json 143.204.89.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&page_title=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&src=tag&key=c07e50e50d026064d820ab45cdd46518636e8993
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/uDRtxOMd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-35.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c23ebf2c0ec8e37a6a0a179720c9763bf4e1f0ed993fe7d0ad41d4d9774fe957

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:50 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
request-id: 10c4d08a-ca96-47f2-acf6-60a5d1c73b57
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blogs.akamai.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TXJpei0qVJ9tx7kZCXhDXY7XksU_iM0eoqQHonV7bZ8FhsJQYykB4g==
expires: Tue, 10 Nov 2020 14:17:50 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAKkP06_V-UAABCCjhwbVQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKkP06_V-UAABCCjhwbVQ&verifyHash=58a96b5172d90b1db8606f08ce3e975fc9b48981

26 B
409 B

267ms
267ms

Image
image/gif

54.239.192.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKkP06_V-UAABCCjhwbVQ&verifyHash=58a96b5172d90b1db8606f08ce3e975fc9b48981
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.192.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-192-65.waw50.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:50 GMT
Via: 1.1 8a90372b0bc378a280335b1e5010d8c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: WAW50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 11461123cfcf7502
X-Amz-Cf-Id: VvO7II8BqWaz2--9A5Pyl-bUI8CBUdxGJPeAa4XgA04wCByEz57phA==

Redirect headers

Date: Wed, 11 Nov 2020 14:17:50 GMT
Via: 1.1 8a90372b0bc378a280335b1e5010d8c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: WAW50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAKkP06_V-UAABCCjhwbVQ&verifyHash=58a96b5172d90b1db8606f08ce3e975fc9b48981
Connection: keep-alive
trace-id: f0473ddfacf23ea1
Content-Length: 0
X-Amz-Cf-Id: aReAFX18cklXwRFpHWQEeDwIIqa5oW_hzLlYsbcZPVnpm4a4T_pk5Q==

GET
H2 200 /
www.facebook.com/tr/ 44 B
331 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1276761735802781&ev=PageView&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&rl=&if=false&ts=1605104269950&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1605104269949.679690052&it=1605104269876&coo=false&rqm=GET

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Nov 2020 14:17:49 GMT

GET
H2 200 b6be0a52-6193-4a3b-88ea-f63743b4294c.js Show response
cdnssl.clicktale.net/pcc/ 161 KB
40 KB 8ms
7ms Script
application/javascript 2a02:26f0:f1:287::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/pcc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js?DeploymentConfigName=Release_20201014&Version=5
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:287::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e50a46a1fd4f05aa7429af42a6639e888493df71782bac4527295fb36ee9d75e

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BJ62TS.ObDTftBeg0YPy.gkc7X2qxQNp
content-encoding: gzip
etag: "9836c3bea1d4199f192061b0a3a3d316"
x-amz-request-id: CC3F56B1839DF08C
status: 200
content-length: 40652
x-amz-id-2: LTT2krVq1pQU8+/8/DYbdqet/WP3gAlH5ChxRxBjCKo6tXHRMVNwWdCov4KIK7tYS0Xgucx9jeI=
last-modified: Wed, 14 Oct 2020 17:15:22 GMT
server: AmazonS3
date: Wed, 11 Nov 2020 14:17:50 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 14:17:50 GMT

GET
H2 200 latest-WR110.js Show response
cdnssl.clicktale.net/www/ 54 KB
18 KB 7ms
6ms Script
application/javascript 2a02:26f0:f1:287::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/b6be0a52-6193-4a3b-88ea-f63743b4294c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:287::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aae274ea0ffe43e0504cf9d70015a59dd87b20713c1061f8ed91f0c738262771

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FB5YB3Kuoc.rKy8xu20Fm6Doy3Y7jiuL
content-encoding: gzip
etag: "d27610e9499e15a8696c6393f7c046f1"
x-amz-request-id: 11EEA0BDD194BF32
status: 200
content-length: 18531
x-amz-id-2: XvIH1y4k+3ZOjtMDo+jAfc73Pb6kqo+F/tHv5a1WHNsF+876W/hJkZsoVEEtyanJ77Qj9dnXI9o=
last-modified: Thu, 29 Oct 2020 13:13:12 GMT
server: AmazonS3
date: Wed, 11 Nov 2020 14:17:50 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 12 Nov 2020 14:17:50 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/849939417/ 42 B
65 B 27ms
25ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849939417/?random=1605104269916&cv=9&fst=1605103200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&async=1&fmt=3&is_vtc=1&random=2334056087&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/849939417/ 42 B
65 B 64ms
48ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849939417/?random=1605104269916&cv=9&fst=1605103200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&async=1&fmt=3&is_vtc=1&random=2334056087&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/849939417/ 42 B
88 B 25ms
24ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849939417/?random=1605104269920&cv=9&fst=1605103200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&fmt=3&is_vtc=1&random=933246755&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/849939417/ 42 B
498 B 51ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849939417/?random=1605104269920&cv=9&fst=1605103200000&num=1&label=mlQrCKqk0n0Q2ZeklQM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&tiba=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&fmt=3&is_vtc=1&random=933246755&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
642-skn-449.mktoresp.com/webevents/ 2 B
311 B 591ms
109ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://642-skn-449.mktoresp.com/webevents/visitWebPage?_mchNc=1605104270016&_mchCn=&_mchId=642-SKN-449&_mchTk=_mch-akamai.com-1605104270014-67987&_mchWs=j1RQ&_mchHo=blogs.akamai.com&_mchPo=&_mchRu=%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 14:17:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 81abcf69-a7d9-428f-88cd-2744dc2c07bb

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/auth/ 240 B
390 B 371ms
118ms XHR
application/json 34.203.160.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/auth/?pid=25500&as=1&1022121288&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.160.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-160-148.compute-1.amazonaws.com
Software: /
Resource Hash: fcd12f8cf110f0be2649040783e879d2bacefbf529875c900231a3f5f0132918

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 11 Nov 2020 14:17:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://blogs.akamai.com
content-length: 240
content-type: application/json; charset=UTF-8

GET
H2 200 pageview
c.clicktale.net/ 43 B
415 B 152ms
47ms Image
image/gif 52.212.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageview?pid=4400&uu=3134f3c8-127f-af85-8522-b12f77598e28&sn=1&lv=1605104270&lhd=1605104270&hd=1605104270&re=1&pn=1&dw=1600&dh=6909&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&uc=1&la=en-US&cvars=%7B%221%22%3A%5B%22Content%20Tag%22%2C%22Cloud%20Security%2CRetail%20%26%20Commerce%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-us%22%5D%7D&cvarp=%7B%221%22%3A%5B%22Content%20Tag%22%2C%22Cloud%20Security%2CRetail%20%26%20Commerce%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-us%22%5D%7D&v=9.33.0&r=392803
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.245.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-245-14.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 6bd62a75-d9ac-43bd-9ec1-744a135858df
https://blogs.akamai.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/6bd62a75-d9ac-43bd-9ec1-744a135858df
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 6342
Content-Type: application/javascript

GET
H2 200 pageEvent
c.clicktale.net/ 43 B
416 B 146ms
47ms Image
image/gif 52.212.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageEvent?value=MIewdgZglg5gXAAgEoFMA2KCGBnFB9AJgAZiBGI0gFiAAA%3D%3D&isETR=false&v=9.33.0&pid=4400&uu=3134f3c8-127f-af85-8522-b12f77598e28&sn=1&pn=1&r=925682
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.245.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-245-14.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 dvar
c.clicktale.net/ 43 B
415 B 109ms
48ms Image
image/gif 52.212.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=9.33.0&pid=4400&uu=3134f3c8-127f-af85-8522-b12f77598e28&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6AJnIA4A2KqgFgHYBOAVgEYmaubyB9DjWKdiDcjRZMAzNJABfIA&r=064181
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.245.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-245-14.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1157969756&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&dp=%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html%3F&ul=en-us&de=UTF-8&dt=A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAiEABBAAAAG~&jid=&gjid=&cid=946794791.1605104269&tid=UA-34796267-1&_gid=1396379063.1605104269&gtm=2wgas1MP7VKD&cd1=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd29=Not%20Known%20Bot&cd32=Not%20Known%20Bot&cd46=blogs-us&cd47=946794791.1605104269&cd64=Cloud%20Security%2CRetail%20%26%20Commerce&cd66=&cd80=0.22868847951761762_1605104269733&cd4=Bot&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Switzerland&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=ZH&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=(Non-Company%20Visitor)&cd20=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&cd51=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&z=1850938991

Requested by

Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 09:23:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17635
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WR118b.js Show response
cdnssl.clicktale.net/www/ 113 KB
36 KB 6ms
6ms Script
application/javascript 2a02:26f0:f1:287::2db0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/WR118b.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:287::2db0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79e7bbd861755f670d155016146c3f83f61661eb20495627266a5e6569c1bc03

Request headers

Origin: https://blogs.akamai.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hgVr5a.ukRqk_sVg8uIRfAQucofhpJuo
content-encoding: gzip
etag: "534d1584b1a61113afdd74bb0ae033aa"
x-amz-request-id: 56966A246C949E3C
status: 200
content-length: 36419
x-amz-id-2: 5+6x4s/kzO+8kOEW4pQ7Cz5NXa8QeL0yKNjiVauGFyDCwSgKW6XqdNis+sMIB6vWw35vwjSBIzE=
last-modified: Thu, 29 Oct 2020 12:52:34 GMT
server: AmazonS3
date: Wed, 11 Nov 2020 14:17:50 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 14:17:50 GMT

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
101 B 371ms
128ms XHR
text/plain 34.203.160.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3031594931880143&25500&11&0&0&0&264&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.160.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-160-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 11 Nov 2020 14:17:50 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 59dc1cbc-a80a-4e89-a6ed-98ed33b3d4ef
https://blogs.akamai.com/ 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/59dc1cbc-a80a-4e89-a6ed-98ed33b3d4ef
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
H2 200 dvar
c.clicktale.net/ 43 B
415 B 48ms
47ms Image
image/gif 52.212.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=9.33.0&pid=4400&uu=3134f3c8-127f-af85-8522-b12f77598e28&sn=1&pn=1&dv=N4IgggQgsg%2BgIhGBJAdgMwPYCcC2BDAFwEsMUACAGQFMA3KgGxAC4QI8BnIgYxABpxo8RGACuAEyJUUXKs1YYCIAL5AAAA%3D%3D&r=406415
Requested by: Host: blogs.akamai.com
URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.245.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-245-14.eu-west-1.compute.amazonaws.com
Software: / ContentSquare
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
x-powered-by: ContentSquare
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
content-length: 43
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-54527f043b9dd729/ 12 KB
2 KB 211ms
208ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-54527f043b9dd729/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec0ef12b22c4df7e2a0a9f7bc3eeb70daaf7e5358beac2865fb3c1d43457ca80

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:50 GMT
content-encoding: gzip
etag: 1540161347--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=52, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1586

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 136ms
134ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fabf28dbd6f1558&bkl=0&bl=1&pdt=83&sid=5fabf28dbd6f1558&pub=ra-54527f043b9dd729&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=blogs.akamai.com&fp=2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Magecart%2CIn-browser%20security%2Cclient-side%20protection%2Cweb%20skimming%2Cformjacking%2CPage%20Integrity%20Manager%2CMagecart%2CIn-browser%20security%2Cclient-side%20protection%2Cweb%20skimming%2Cformjacking%2CPage%20Integrity%20Manager&colc=1605104270748&jsl=8193&uvs=5fabf28d78db8801000&skipb=1&callback=addthis.cbs.jsonp__181026951138461230
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 17505af34e4b1f913428e1c9a1bf17ca810649c79350f0bfb0514eb04100009b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 11 Nov 2020 14:17:50 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D6F0 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E790 0
0 52ms
51ms Document
text/html 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 11 Nov 2020 14:17:50 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 239ms
155ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nujvn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Wed, 11 Nov 2020 14:17:50 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5b0edc57fcdce5a3dd8b4107b17dfa88
x-transaction: 006c24ba00a81436
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/135745/ 0
269 B 6ms
6ms Image
text/html 2a02:26f0:6c00::210:ba58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/135745/b?dE=18&cS=18&cE=47&rqS=48&rsS=73&rsE=77&sS=23&dl=75&di=544&fp=389&dlS=544&dlE=545&dc=1831&leS=1832&leE=1858&to=&ol=0&cr=4&mt=&mb=&b=273&u=https%3A//blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36&pl=Linux%20x86_64&us=&gh=2.16.186.181&t=&rid=19c36ca6&r=31714&akM=dscx&akN=ae&vc=14:17&bpcip=ag1z17ozci&akTX=1&akTI=19c36ca6&ai=197727&pmgn=rumBlogsAkamaiCom&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba58 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Nov 2020 14:17:50 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Wed, 11 Nov 2020 14:17:50 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 26ms
26ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 11 Nov 2020 14:17:50 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 25ms
25ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 11 Nov 2020 14:17:51 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
320 B 436ms
434ms XHR
application/json 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
last-modified: Wed, 11 Nov 2020 14:00:00 GMT
server: nginx/1.15.8
date: Wed, 11 Nov 2020 14:17:51 GMT
status: 200
content-type: application/json
access-control-allow-origin: https://blogs.akamai.com
cache-control: no-transform, max-age=0, s-maxage=300
access-control-allow-credentials: true
content-length: 2

GET
BLOB 200
OK 75c3e362-97a0-476b-8a56-725d657d7e6b
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/75c3e362-97a0-476b-8a56-725d657d7e6b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

GET
BLOB 200
OK 1386298a-47e4-4ee8-8dd4-30c7a8500bd9
https://blogs.akamai.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blogs.akamai.com/1386298a-47e4-4ee8-8dd4-30c7a8500bd9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 36316

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 121ms
121ms XHR
text/plain 34.203.160.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3031594931880143&25500&11&1&2&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.160.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-160-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 11 Nov 2020 14:17:51 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 362ms
242ms XHR
text/plain 34.203.160.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3031594931880143&25500&11&2&1&0&105&subsid=232955&msgsize=120
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.160.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-160-148.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 11 Nov 2020 14:17:51 GMT
access-control-allow-origin: *
content-length: 1
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1276761735802781&ev=Microdata&dl=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&rl=&if=false&ts=1605104271454&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22A%20new%20skimmer%20uses%20WebSockets%20and%20a%20fake%20credit%20card%20form%20to%20steal%20sensitive%20data%20-%20The%20Akamai%20Blog%22%2C%22meta%3Adescription%22%3A%22A%20new%20skimmer%20attack%20was%20discovered%20this%20week%2C%20targeting%20various%20online%20e-commerce%20sites%20built%20with%20different%20frameworks.%20As%20of%20the%20writing%20of%20this%20blog%20post%2C%20the%20attack%20is%20still%20active%20and%20exfiltrating%20data.%22%2C%22meta%3Akeywords%22%3A%22Magecart%2C%20In-browser%20security%2C%20client-side%20protection%2C%20web%20skimming%2C%20formjacking%2C%20Page%20Integrity%20Manager%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1605104269949.679690052&it=1605104269876&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:17:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 11 Nov 2020 14:17:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blogs.akamai.com/	1970-01-19 13:51:46	Name: __atuvs Value: 5fabf28d78db8801000
blogs.akamai.com/	1970-01-19 23:20:32	Name: __atuvc Value: 1%7C46
.akamai.com/	1970-01-19 22:37:20	Name: __CT_Data Value: gpv=1&ckp=tld&dm=akamai.com&apv_25500_www14=1&cpv_25500_www14=1&rpv_25500_www14=1
.akamai.com/	1970-01-19 14:34:56	Name: _CT_RS_ Value: Recording
blogs.akamai.com/	1970-01-19 14:34:56	Name: clientId Value: 946794791.1605104269
.akamai.com/	1970-01-19 13:51:46	Name: _cs_s Value: 1.1
.akamai.com/	1970-01-19 23:21:08	Name: _cs_id Value: 3134f3c8-127f-af85-8522-b12f77598e28.1605104270.1.1605104270.1605104270.1.1639268270031.Lax.0
.akamai.com/	1970-01-20 07:22:56	Name: _mkto_trk Value: id:642-SKN-449&token:_mch-akamai.com-1605104270014-67987
.akamai.com/	1970-01-19 16:01:20	Name: _fbp Value: fb.1.1605104269949.679690052
.akamai.com/	1970-01-19 22:37:20	Name: WRUID20200910 Value: 3031594931880143
.akamai.com/	1970-01-19 13:51:44	Name: _dc_gtm_UA-34796267-1 Value: 1
.akamai.com/	1970-01-19 13:51:46	Name: _cs_mk Value: 0.22868847951761762_1605104269733
.akamai.com/	1970-01-19 23:21:08	Name: _cs_c Value: 1
.akamai.com/	1970-01-19 16:01:20	Name: _gcl_au Value: 1.1.937911805.1605104270
.akamai.com/	1970-01-19 13:51:44	Name: _gat Value: 1
.akamai.com/	1970-01-19 13:51:51	Name: ak_bmsc Value: C5F85A9F6F776B92CAE38195FB5F28320210BAB5330900008CF2AB5F2311D969~plqD3Wg91B7t7XTCYGMsAw7XiD8RJ/1T37jJIfe8ef6N+8XvbhlCh9GOvXf/cvF9tL+sgREAhx+jEfjSOknB48wXGkbf6E5uvF2KHbh43Gws5IwnsdgA6R8/dZUAZ+aNyIDsT+IgojQzMJftdQQsk1LqzOuUjyZTfPhUewtbvGPjcI2jQg+8Vd4NwjeEk9OfemrKmVHkKV139ge6gVMGAIYbPpJcYxSIkxhRvSlBxnb44=
.akamai.com/	1970-01-19 13:53:10	Name: _gid Value: GA1.2.1396379063.1605104269
.akamai.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%221%22%3A%5B%22Content%20Tag%22%2C%22Cloud%20Security%2CRetail%20%26%20Commerce%22%5D%2C%227%22%3A%5B%22Publication%22%2C%22blogs-us%22%5D%7D
.blogs.akamai.com/	1970-01-19 22:37:20	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Nov+11+2020+15%3A17%3A49+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&consentId=4916e4db-35af-4d29-915d-e2d1f9885645&interactionCount=0&landingPath=https%3A%2F%2Fblogs.akamai.com%2F2020%2F11%2Fa-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1
.akamai.com/	1970-01-20 07:22:56	Name: _ga Value: GA1.2.946794791.1605104269

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html(Line 1829) Message: null
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 642-SKN-449 [object Object]
console-api	debug	(Line 1) Message: * ga found *
console-api	debug	(Line 1) Message: * client id tag fired *
console-api	debug	(Line 2) Message: * Client Id - 946794791.1605104269 is set to cookie *
console-api	debug	(Line 2) Message: * Client Id - 946794791.1605104269 is added to global var *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

642-skn-449.mktoresp.com
analytics.twitter.com
api-public.addthis.com
api.company-target.com
attr.ml-api.io
blogs.akamai.com
c.clicktale.net
cdn.cookielaw.org
cdnssl.clicktale.net
connect.facebook.net
ds-aksb-a.akamaihd.net
googleads.g.doubleclick.net
ing-district.clicktale.net
m.addthis.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
s.ml-attr.com
s7.addthis.com
scripts.demandbase.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
v1.addthisedge.com
www.akamai.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
z.moatads.com
s7.addthis.com
104.111.216.96
104.111.241.218
104.244.42.131
104.244.42.69
104.75.88.112
13.224.194.11
13.225.73.6
143.204.89.35
151.101.112.157
185.33.221.53
192.28.144.124
216.58.205.226
2606:4700::6810:9440
2620:1ec:21::14
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2008
2a00:1450:400c:c00::9d
2a02:26f0:10c:582::25ea
2a02:26f0:6c00:297::2469
2a02:26f0:6c00:29e::6a3
2a02:26f0:6c00::210:ba58
2a02:26f0:f1:287::2db0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
34.203.160.148
52.212.245.14
54.239.192.65
54.72.203.0
68.67.153.60
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0733a4aa3e7b04135927147d05000d647004fc7b620cc1bf22ea4c5416d96907
10493c31cbfb05ee4bd0f22af083230ea95ea86e926b4518fa8dd84b2fa088a3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112c17a4ac183b69fb78e930c74bd1fb71300897dcae47977e49399e053bb09d
138d8daa9df59c0b8ed55534c8e15f31c3c7026597ceb7e945efe2e2e3415d8e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17505af34e4b1f913428e1c9a1bf17ca810649c79350f0bfb0514eb04100009b
19219f72fd4543cecc1d8b29990dbad3d015c4d0e380c9dce85a3302d456ce1e
1e2942cee7c1918b78c99fef5e4e14353452aa940a2340e378473392bc1508dc
29f69e95876c66e283bb1b262c4b6a138f38e1cf5ee38a3a87e2814df6aefa8c
2a7af71edf6d8f39d2c39679cf0ba2f52b10f72a82be4ea866e97590f7be850e
30d2499e284c2f1815b834bfd6500bf5ad829cc9395490a4fbd9940378e9b61c
375b990e5422e1ba8307db7b5c67975b2e3667b0b1bdc9469345cfb6b2a963ef
3b22ee26f24258ced44341fca66e9e8dc7037cc531ce7229d0eb70a78b7e7113
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dbb8c3acfe4fbeb258194c9f772218f7d4b825c0a7c96650dffe47f81495b19
3dbdbf1c436bc7ac645619e20285acf1b944a4670cb34062cd10538640932368
42004773101c4797209f723da0d0bc72d504a0a5cc0c8ec05211a10c58ac0191
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4ea2958d7ec4ed3e4e29d5398463fd4196e128795eb99b467cd548aff6495b63
525b5a7120237b0bcb87b240291a2595c27ef575f7518db39af87c99f35b2fd6
533a3c28a3967a637a86822731f6ae063c9adc4210de1ce3a8aefd9961577cdd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58ccd1f27ccd00a7f5ab181319c4b09678ae4b7bdac118a60760e09dc49c2119
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e0dea7631b5f30523b0e56256fb2b7d9b6dd02d4bc98556de875d6e53637802
5ea7c7f59e99dfc7785f9ffefd329d64023dd97b9b27c1c12835fada874279a8
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1
68d7310e853e6676ab8a2cb0e5e815e7c514b6ea75ca1ba6674ccb0be6870bf2
725a6e06c6c4db64af816ee1d9f6a82d1d5c99439c2ffe3cd1a58413c736946a
74947c105fbe072189e449936e31c01048e8d20ea4137098eff1b1fdc09ec3c3
780ea58d20d64c191392bd73c0aa82de2f2d1164da02e3f50bfc8b1587688d01
78780b4c895552058a088bb03d1d661f866e2a702b6ef0fc81da3fb4b699fe90
79e7bbd861755f670d155016146c3f83f61661eb20495627266a5e6569c1bc03
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
8073776d34872ade5733678679780ce4fdbe3f82fed48ce45da7bd19adc41c25
823cb0a78f40ffe964057ee45ec80564b9a9f38b1d1c01c70e5ed2d543937f49
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837b1df4e6afd164cddafe91e5801b3dfe5758c32418d1d5236d6c8a23eaf003
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f32e9d2bc90eba7d310965d6c3e53837e2a8681c2fc3aa710b474a8e4a7046
92db72d29e0b134689e612a6b14b56876d13046f8c85452dc84398fc4a4b5e1f
943bf13a74414d92ca5351ee76bb447f6d251b4de19a82f0160f2450de186402
94b8297f3fb848f41fa988ebc575f65c4aa2e458f04dba48025287249bcba66f
9696ba2db9650cf65d236998665cb42afb1bc877ceadd6f88fb542f7725ad557
9b28e38e151bcfc7e99f314fb6208cdf4dccb19532794a087fd06d08e8ad9c52
9b8e4ce379725beb99115050b7339852a1281bdab67ef7bc271a4a48b46969a3
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
9e03a63a27af3ed05eadbfdb9d7de4ccbfe24adadfa2c3390c70dc09bbd729fb
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1f08a0ffef73b63bbb91e8205a1d4560cc8ee214855558336f9d0473a20da26
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a9dc975308ae1e0ba49e3cf0cc63c99f9e13a130898abc11746b7e1a4e749471
aae274ea0ffe43e0504cf9d70015a59dd87b20713c1061f8ed91f0c738262771
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b5a05e8b180cfb6d58884e4106df4c3e74c198e97f09c8d112a3645f265f71
b3d0954dce6e71682556b1c8ccaabb10adfb2ff8d6c1dd5c6a989660dcfa967b
b458ee55ed784747e997d444d829a353186fa44f5762afe54c626b9fcec8aef5
bb26b55b6ad213db632a6a4cde85e187746648f0feef6e2eaaed82ee5ec111e2
c23ebf2c0ec8e37a6a0a179720c9763bf4e1f0ed993fe7d0ad41d4d9774fe957
c52b6154710730fad4aea6cfd15cfd7226a6301285655980feff5cca135bb8c4
cd0b93e601f0c6879b03f1cf419a72c592d57a4902f4a2ad4fd442ca964a62b8
d0b69006ced59bc683ec91dfa4c2647931b7f9e2fb0b28fb4aad32b3eb56747b
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d327bc6cab8bbd2cc9cb1190c836e414b1c13ba03fd05c1f7e4adca28af12968
d69daccb0fc6797291cf45920cd24cc6876a52ed13a6ae5d76fc598d86c16619
da19a0ad5bc11f470b286a87017889c2a95e351bf5ad91327c07f488ff958a93
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4f900e261a4e95471b85d1b1a97e796c1de085fe6e3db2bd7bb7b3b5bb1e507
e50a46a1fd4f05aa7429af42a6639e888493df71782bac4527295fb36ee9d75e
e767ae101e0f675e800b3c78bcce8b95658524a3b1df6d9d3f1931f41e31f09a
e885469ef21191a22f8ea11619a1fc57a1893d93bdabad6ef39e987967ed2c70
ec0ef12b22c4df7e2a0a9f7bc3eeb70daaf7e5358beac2865fb3c1d43457ca80
edfc6dedf98d3024cc61633b2ee53ab4398e59ad287b132ecf6a41a0acb47d68
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f32102e74e82fcae9c748b45d50ba0f5c112b60984f47db9eba4c1020770ef7f
f88b2a24f841bdebc7b73ec1e58f2b4899fec6c11375601e350033946d7d583f
f8b2738e130b776517f2ea440e738df920492b1445191f068bcec61511e9d5fc
f8e55488b7aab65a10ccfaa3990a2915d64c722d9b8bf384cd346a04fc511a0b
fb86d56383ff7fa14b5260253935ce2c27f97945519ab5ff22fde97094926914
fbd7dc11673944c030c85b314432593439647c0c602eee37dee363c2644465e4
fcd12f8cf110f0be2649040783e879d2bacefbf529875c900231a3f5f0132918

blogs.akamai.com Open in urlscan Pro 2a02:26f0:6c00:297::2469 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

113 Requests

94 %HTTPS

48 %IPv6

28 Domains

36 Subdomains

30 IPs

6 Countries

3033 kBTransfer

6214 kBSize

20 Cookies

74 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blogs.akamai.com Open in urlscan Pro
2a02:26f0:6c00:297::2469 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

94 %
HTTPS

48 %
IPv6

28
Domains

36
Subdomains

30
IPs

6
Countries

3033 kB
Transfer

6214 kB
Size

20
Cookies

113 HTTP transactions
2 data transactions